In a significant development, the United States Justice Department has launched a major disruption campaign against the BlackCat ransomware group, also known as ALPHV or Noberus.
Recognised as the second most prolific ransomware-as-a-service variant globally, BlackCat has been linked to attacks on more than 1,000 victim networks, including those supporting US critical infrastructure and Australian businesses.
Notably, the Australian Federal Police (AFP) has also made a substantial contribution to this global operation, providing key intelligence and data to the international task force aimed at dismantling BlackCat's operations.
AFP Cyber Command assistant commissioner Scott Lee said at least 56 businesses and government agencies in Australia had been targeted by BlackCat over the past year.
Consequently, the FBI developed a decryption tool that allowed FBI field offices across the country and law enforcement partners around the world to offer more than 500 affected victims the capability to restore their systems.
This effort has offered a lifeline to numerous Australian businesses victimised by this group, estimated to have caused worldwide financial harm in the hundreds of millions of dollars.
56 Australian-based victims
Assistant commissioner Lee said: “This ransomware group first came to law enforcement attention in 2021 and has had a significant impact on the Australian community and entities around the world.”
“We have so far identified 56 Australian-based victims across both corporate and government sectors and we are engaging with victims to provide decryption keys to restore their systems where we can.
“Those decryption keys are similar to a password.”
Decryption tool live
Assistant commissioner Lee said the AFP would continue to work with international partners, plus state and territory law enforcement agencies in Australia, to assist in their investigations and provide crucial information to affected businesses.
“The AFP has worked closely with our Five Eyes Law Enforcement Group (FELEG) partner, the FBI, to ensure action was taken on behalf of Australian businesses,” Lee said.
“The FBI developed a decryption tool that allowed law enforcement partners around the world to offer more than 400 affected victims the capability to restore their systems.”