World News Flash by KF
UNITED STATES: DOJ Reclaims Some Ransomware Money
After one of the most brazen hacks in history, federal authorities acted to ensure that it was not a complete success for the criminals involved.
On June 7, the Department of Justice announced that it has seized 63.7 bitcoins currently valued at approximately $2.3 million. These funds allegedly represent the proceeds of a May 8, ransom payment to individuals in a group known as DarkSide, which had targeted Colonial Pipeline, resulting in critical infrastructure being taken out of operation. The seizure warrant was authorized by the Honorable Laurel Beeler, U.S. Magistrate Judge for the Northern District of California.
“Following the money remains one of the most basic, yet powerful tools we have,” said Deputy Attorney General Lisa O. Monaco for the U.S. Department of Justice. “Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises. We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks. Today’s announcements also demonstrate the value of early notification to law enforcement; we thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by DarkSide.”
“There is no place beyond the reach of the FBI to conceal illicit funds that will prevent us from imposing risk and consequences upon malicious cyber actors,” said FBI Deputy Director Paul Abbate. “We will continue to use all of our available resources and leverage our domestic and international partnerships to disrupt ransomware attacks and protect our private sector partners and the American public.”
“Cyber criminals are employing ever more elaborate schemes to convert technology into tools of digital extortion,” said Acting U.S. Attorney for the Northern District of California Stephanie Hinds. “We need to continue improving the cyber resiliency of our critical infrastructure across the nation, including in the Northern District of California. We will also continue developing advanced methods to improve our ability to track and recover digital ransom payments.”
On or about May 7, Colonial Pipeline was the victim of a highly publicized ransomware attack resulting in the company taking portions of its infrastructure out of operation. Colonial Pipeline reported to the FBI that its computer network was accessed by an organization named DarkSide and that it had received and paid a ransom demand for approximately 75 bitcoins.
As alleged in the supporting affidavit, by reviewing the Bitcoin public ledger, law enforcement was able to track multiple transfers of bitcoin and identify that approximately 63.7 bitcoins, representing the proceeds of the victim’s ransom payment, had been transferred to a specific address, for which the FBI has the “private key,” or the rough equivalent of a password needed to access assets accessible from the specific Bitcoin address. This bitcoin represents proceeds traceable to a computer intrusion and property involved in money laundering and may be seized pursuant to criminal and civil forfeiture statutes.
The Special Prosecutions Section and Asset Forfeiture Unit of the U.S. Attorney’s Office for the Northern District of California is handling the seizure, with significant assistance from the Department of Justice Criminal Division’s Money Laundering and Asset Recovery Section and Computer Crime and Intellectual Property Section, and the National Security Division’s Counterintelligence and Export Control Section. The Department components who worked on this seizure coordinated their efforts through the Department’s Ransomware and Digital Extortion Task Force, which was created to combat the growing number of ransomware and digital extortion attacks.
The Task Force prioritizes the disruption, investigation, and prosecution of ransomware and digital extortion activity by tracking and dismantling the development and deployment of malware, identifying the cybercriminals responsible, and holding those individuals accountable for their crimes. The Task Force also strategically targets the ransomware criminal ecosystem as a whole and collaborates with domestic and foreign government agencies as well as private sector partners to combat this significant criminal threat.
CANADA: Seeking Justice For Over 200 Children
Independent UN human rights experts have urged Canadian authorities and the Holy See of the Catholic Church to conduct prompt “full-fledged investigations” into a mass grave found in British Columbia containing the remains of over 200 children at a residential school for indigenous students, who had been forcibly taken from their homes.
They called on the authorities to probe “the circumstances and responsibilities surrounding these deaths, including forensic examinations of the remains found, and to proceed to the identification and registration of the missing children.”
“The judiciary should conduct criminal investigations into all suspicious death and allegations of torture and sexual violence against children, hosted in residential schools, and prosecute and sanction the perpetrators and concealers who may still be alive,” said the experts.
The children’s remains were found at the Kamloops Indian Residential School, run by the Catholic Church from the late 19th century to the 1960s, which was then taken over by the federal government, and later closed in the 1970s.
It was part of the indigenous residential school system that between 1831 and 1996, hosted over 150,000 children in 130 schools – many run by the Catholic Church or the Canadian Government.
The 2015 report of Canada’s Truth and Reconciliation Commission determined that aboriginal children were subjected to abuse, malnutrition and rape and that at least 4,000 died of disease, neglect, accidents or abuse, while at these schools.
“Large scale human rights violations have been committed against children belonging to indigenous communities, it is inconceivable that Canada and the Holy See would leave such heinous crimes unaccounted for and without full redress,” the UN experts said.
They further called on the Government to fully implement the recommendations contained in the 2015 Report.
“For far too many years, victims and their families have been waiting for justice and remedy. Accountability, comprehensive truth, and full reparation must be urgently pursued,” the human rights experts underscored.
WORLD: 800 Suspects, 32 Tons of Drugs, 16 Countries
An ambitious project from various law enforcement agencies has netted one of the largest hauls of suspects and contraband in history.
Officials from the Federal Bureau of Investigation (FBI) and Australia’s Federal Police teamed up to create a phony encrypted device company to trick crooks into thinking they had a means to conduct their illegal business covertly. They were wrong.
Over the course of three years, authorities monitored their activity during a project called “Operation Trojan Shield” – or “Operation Ironside” in Australia – before finally dropping the net and bagging over 800 suspects, most of them in mafia-based groups.
The app AN0M was installed on mobile phones that were stripped of other capability. The mobile phones, which were bought on the black market, could not make calls or send emails. It could only send messages to another device that had the organized crime app. Criminals needed to know a criminal to get a device.
The devices organically circulated and grew in popularity among criminals, who were confident of the legitimacy of the app because high-profile organized crime figures vouched for its integrity.
“The FBI, with our international partners, will continue to adapt to criminal behavior and develop novel approaches to bring these criminals to justice,” said FBI Agent Anthony Russo. “We appreciate our long standing partnership with the Australian Federal Police in the fight against transnational organized crime.”
“AN0M was an influential encrypted communications app but there are even bigger encrypted platforms that are being used by transnational and serious organized criminals targeting Australia,” said AFP Commissioner Reece Kershaw.
“They are almost certainly using those encrypted platforms to flood Australia with drugs, guns and undermine our economy by laundering billions of dollars of illicit profit.
“Organized crime syndicates target Australia, because sadly, the drug market is so lucrative. Australians are among the world’s biggest drug takers.
“One of the causes behind domestic violence, sexual assault, neglect of children and unspeakable tragedy, is illicit drugs.
“Our first responders, our teachers and every Australian should be able to go to work and live in our communities without being harmed by an individual under the influence of dangerous drugs.”
In all, at least 800 suspects were brought in, along with 32 tons of drugs, $148 million in various currencies, 250 firearms, and 55 high-end vehicles from 16 countries, including New Zealand, Sweden, Finland, and others.
AFRICA: Congo Still Reeling From Volcano
The UN Children’s Fund (UNICEF) and partners are working to restore water supply to roughly 200,000 people, including some 100,000 children, affected by the volcanic eruption last month in Goma, in the eastern Democratic Republic of the Congo (DRC).
The eruption of Mount Nyiragongo on May 22 My melted mains water pipes and damaged a huge 5,000m³ reservoir, the agency said on June 7.
Without access to safe water and sanitation, children and families are at heightened risk of waterborne diseases, such as cholera.
“Cholera is particularly dangerous for the very young, the very old and the undernourished, so an outbreak could have disastrous consequences for children,” said In Hye Sung, UNICEF emergency specialist.
“Children under age 5 have the highest incidence of cholera and are more likely to die from it, so it’s critical we ensure that families have access to safe water as soon as possible.”
Thirty people were killed and some 3,500 others lost their homes due to the volcano eruption.
In the wake of the crisis, scores of people fled Goma for neighboring towns, either because their homes were destroyed by lava or the authorities advised them to leave over fears of another eruption.
Together with domestic and international partners, UNICEF is working on the water issue, including through supporting the State-owned water company to redirect and protect a by-pass piping system that will send supply from the pumping station next to Lake Kivu, into part of the water system.
As previous cholera epidemics in Goma started when residents collected dirty contaminated water for drinking, UNICEF has installed 15 emergency station chlorination points close to the lake.
CARIBBEAN: Newark Airport Smuggler Foiled
A Jamaican man admitted on June 8 that he smuggled approximately 2.8 kilograms of cocaine into the United States, Acting U.S. Attorney Rachael A. Honig announced.
Perez Omar Gibbs, 38, of Trelawny, Jamaica, pleaded guilty by videoconference before U.S. District Judge Katharine S. Hayden to an information charging him with one count of importation of controlled substances.
According to documents filed in this case and statements made in court: Gibbs arrived at Newark Liberty International Airport aboard a flight from Montego Bay, Jamaica. Law enforcement officers discovered that Gibbs possessed approximately 2.8 kilograms of cocaine concealed inside two bags of coffee and four picture frames.
The count with which Gibbs is charged carries a mandatory minimum penalty of five years in prison, a potential maximum penalty of 40 years in prison and a maximum fine of $5 million. Sentencing is scheduled for Oct. 20, 2021.
Acting U.S. Attorney Honig credited special agents of the U.S. Department of Homeland Security, Homeland Security Investigations, New Jersey Division, under the direction of Special Agent in Charge Jason J. Molina; and officers of U.S. Customs and Border Protection, under the direction of Marty Raybon, Acting Director of Field Operations, New York Field Office, with the investigation leading to the guilty plea.
The government is represented by Assistant U.S. Attorney Jonathan Fayer of the Economic Crimes Unit in Newark.