How a Toronto-area police force helped take down a Russian-linked ransomware group
A Toronto-area police force is opening up about how it became involved in the international efforts to legally hack one of the most aggressive ransomware groups in the world.
The contributions by Peel Regional Police are one reason a Canadian flag is among the icons displayed on what used to be the dark website for the Russian-linked ransomware group Hive, along with the logos of the U.S. Department of Justice, the FBI, and a variety of police forces around the world.
Peel’s officers got involved early when a business in the area came to them in 2021, saying their systems were down and a text message on their desktops showed a ransom note, said Detective Const. Karim Hussain in an interview with CTV News Toronto.
“We had one of the first cases in Canada of Hive ransomware,” said Hussain. “It was the first to market. At the time we started gathering evidence, Hive was a fairly new ransomware group. Everything we brought to the table was interesting because no one had seen it before.”
Details of the case matched with other high-profile incidents, including a hospital in Louisiana where hackers accessed data on 270,000 patients, and a hospital in Ohio that was attacked and couldn’t accept new patients even as COVID-19 cases were surging.
Those were among more than 1,500 attacks worldwide that had the digital fingerprints of Hive, a group whose affiliates have netted some $150 million since 2021, police say, as they extort businesses for money in exchange for getting access to their data or their system back.
The attacks are done through a “ransomware as a service” model, meaning a small group of people design malicious software, and then share the tool with many others, rapidly scaling up their attacks before the security holes they exploit can be plugged.
“You have an overarching group that provides everything down to the infrastructure, to lesser-capable cyber criminals, and they provide them the tools to conduct the hack,” Hussain said.
The case brought Peel Police together with other forces wrestling with the impact of Hive, including the RCMP, the FBI, police in France, Germany, Norway, and Lithuania.
Earlier this year, the group of police forces struck back, taking control of Hive’s website and replacing it with a landing page bearing the logos of many investigating agencies.
“Simply put, using lawful means, we hacked the hackers,” said U.S. Deputy Attorney General Lisa Monaco in a press conference in January.
She added that the police discovered and then freely distributed decryptor keys that could help anyone who had been attacked recover their data or free their systems on their own.
FBI director Christopher Wray said those actions had stopped some $130 million in ransoms from being paid.
“This cut off the gas that is fueling Hive’s fire,” Wray said.
The investigation is still ongoing, said Hussain, as ransomware continues to surge. Statistics Canada reported that ransomware attacks amounted to 11 per cent of all cyber security incidents in 2021.
“There’s no end in sight to cybercrime right now,” Hussain said.