Local News

Actions

Federal officials unveil tool to help cyber attack victims

The FBI and Justice Department states victims could have been targeted by same group that went after MGM Resorts
keyboard-generic.jpg
Posted

LAS VEGAS (KTNV) — Federal officials are helping cyber attack victims restore their systems after being targeted by a computer ransomware group that claimed responsibility for the MGM Resorts hack earlier this year.

RELATED LINK: 'Corporate terrorism at its finest': MGM shares new details about cyber attack

According to a press release, the group is known as Blackcat and also goes by ALPHV or Noberus. The Federal Bureau of Investigation and Justice Department officials said the group has targeted the computer networks of more than 1,000 victims, including networks that support critical infrastructure across the U.S.

Investigators state Blackcat actors use a "multiple extortion model of attack". Before they encrypt the victim's system, they will exfiltrate or steal data and then demand a ransom in order to restore the system and not publish the data.

FBI officials state they have developed a decryption tool that has allowed field offices and law enforcement partners around the world help over 500 victims restore their systems. To date, that includes saving U.S. victims from paying $68 million in ransom demands.

FBI agents in Florida also state they've "gained visibility" into the Blackcat ransomware group's computer network as part of the investigation and have seized several websites that the group operated.

RELATED LINK: Safeguarding against cyber crime can be complicated and costly, experts say

"In disrupting the BlackCat ransomware group, the Justice Department has once again hacked the hackers," said Deputy Attorney General Lisa O. Monaco. "With a decryption took provided by the FBI to hundreds of ransomware victims worldwide, businesses and schools were able to reopen and health care and emergency services were able to come back online."

Channel 13 has reached out to MGM Resorts International to see if they are one of the victims that has used the FBI's decryption tool. As of 5:30 p.m., we have not heard back.