Ransomware attacks have become increasingly common over the last decade, and governing bodies have done little to address the problem. But a recent string of high-profile attacks, including one that caused a gasoline shortage, have pushed the White House to crack down on ransomware and quietly dismantle some Eastern European hacking groups. So, what happens when a ransomware group accidentally hits the police?
As reported by Bleeping Computer, the AvosLocker ransomware group recently hacked a U.S. police department, stealing a trove of data and encrypting the department’s devices. But when the group realized who it hacked, it apologized and decrypted the department’s data for free.
The AvosLocker group didn’t tell police which files it had stolen or how it hacked the department. There’s a chance that it will sell police data, just as the Clop ransomware group did earlier this year. But hey, cybercriminals are clearly afraid of the U.S. government, right?
AvosLocker RaaS operators trying to avoid heat after hitting a US government entity by providing them the decryptor for free. pic.twitter.com/zFg7Idj9Zs
— pancak3 (@pancak3stack) December 29, 2021
Our friends at Bleeping Computer spoke with a member of AvosLocker, who says that they purposefully avoid government agencies and hospitals. When something like this happens, the hacker says, it’s because “an affiliate will lock a network without having us review it first.”
When asked if AvosLocker avoids government agencies because of law enforcement, the hacker explained that U.S. law has “no jurisdiction” in the “motherland,” and that AvosLocker simply avoids government bodies because “tax payer money’s generally hard to get.”
This explanation may feel a bit misleading, given the drop in high-profile ransomware attacks following President Biden’s statement against cybercrime. But it’s not a lie—government bodies fear that paying ransoms will encourage more attacks, so they avoid paying ransoms at all costs.
So, what can we learn from this story? It’s clear that government agencies are still vulnerable to ransomware attacks, and that a drop in high-profile attacks has little to do with an increase in security. Scaring or refusing to pay ransomware groups isn’t enough to avoid future disasters; governments, hospitals, and businesses need to start taking cybersecurity seriously.
Source: Bleeping Computer