How a Toronto-area police force helped take down a Russian-linked ransomware group
A Toronto-area police force is opening up about how it became involved in the international efforts to legally hack one of the most aggressive ransomware groups in the world.
The contributions by Peel Regional Police are one reason a Canadian flag is among the icons displayed on what used to be the dark website for the Russian-linked ransomware group Hive, along with the logos of the U.S. Department of Justice, the FBI, and a variety of police forces around the world.
Peel’s officers got involved early when a business in the area came to them in 2021, saying their systems were down and a text message on their desktops showed a ransom note, said Detective Const. Karim Hussain in an interview with CTV News Toronto.
“We had one of the first cases in Canada of Hive ransomware,” said Hussain. “It was the first to market. At the time we started gathering evidence, Hive was a fairly new ransomware group. Everything we brought to the table was interesting because no one had seen it before.”
Details of the case matched with other high-profile incidents, including a hospital in Louisiana where hackers accessed data on 270,000 patients, and a hospital in Ohio that was attacked and couldn’t accept new patients even as COVID-19 cases were surging.
Those were among more than 1,500 attacks worldwide that had the digital fingerprints of Hive, a group whose affiliates have netted some $150 million since 2021, police say, as they extort businesses for money in exchange for getting access to their data or their system back.
The attacks are done through a “ransomware as a service” model, meaning a small group of people design malicious software, and then share the tool with many others, rapidly scaling up their attacks before the security holes they exploit can be plugged.
“You have an overarching group that provides everything down to the infrastructure, to lesser-capable cyber criminals, and they provide them the tools to conduct the hack,” Hussain said.
The case brought Peel Police together with other forces wrestling with the impact of Hive, including the RCMP, the FBI, police in France, Germany, Norway, and Lithuania.
Earlier this year, the group struck back, taking control of Hive’s website and replacing it with a landing page bearing the logos of many investigating agencies.
“Simply put, using lawful means, we hacked the hackers,” said U.S. Deputy Attorney General Lisa Monaco in a press conference in January.
She added that the police discovered and then freely distributed decryptor keys that could help anyone who had been attacked recover their data or free their systems on their own.
FBI director Christopher Wray said those actions had stopped some $130 million in ransoms from being paid.
“This cut off the gas that is fueling Hive’s fire,” Wray said.
The investigation is still ongoing, said Hussain, as ransomware continues to surge. Statistics Canada reported that ransomware attacks amounted to 11 per cent of all cyber security incidents in 2021.
“There’s no end in sight to cybercrime right now,” Hussain said.
CTVNews.ca Top Stories
Here's how some of Canada's wildfires compare in size to cities, lakes
Fires across the country are burning millions of hectares of land but what does that really look like? CTVNews.ca compared the blazes to some cities and lakes in the country showing just how big they have gotten.
Donald Trump described Pentagon plan of attack and shared classified map, indictment says
Former U.S. president Donald Trump is facing 37 felony charges related to the mishandling of classified documents, according to an indictment unsealed Friday that alleges that he described a Pentagon 'plan of attack' and shared a classified map related to a military operation.
BREAKING
BREAKING | Boris Johnson quits as U.K. lawmaker after being told he will be sanctioned for misleading Parliament
Former U.K. Prime Minister Boris Johnson shocked Britain on Friday by quitting as a lawmaker after being told he will be sanctioned for misleading Parliament.
Reactive to proactive: A push for a national campaign on wildfire education in Canada
Despite the alarming facts and figures, experts say Canada is far more reactive than it is proactive when it comes to wildfires and they’re calling for a national campaign on wildfire education to better prepare for the future.
Three people charged in alleged abduction of N.L. teen after Amber Alert issued
Police in Newfoundland and Labrador say three people are facing charges following the alleged abduction of a 14-year-old girl.
Eyes on the weather as residents pack and flee from fierce wildfire in northeast B.C.
Showers are predicted Saturday over the aggressive wildfire threatening Tumbler Ridge, but forecasters say thunderstorms could sweep through the parched region without bringing any rain.
Air Canada walks back compensation denials after thousands delayed due to tech issues
Air Canada says it made a mistake in rejecting some compensation claims from the thousands of travellers affected by delayed flights due to computer malfunctions.
Corrections defends Bernardo's privacy, as it faces calls to detail transfer reason
The Correctional Service of Canada is defending Paul Bernardo's privacy rights after the public safety minister said they should be waived.
What is Temu? Shopping app that didn't exist 4 months ago now a source of privacy concerns
A shopping app that didn’t exist four months ago is making quite the splash for online shoppers. But experts warn of potential data dangers for Canadian customers.
Montreal
-
Violent crimes rose in 2022, car thefts skyrocketed: Montreal police
Montreal police (SPVM) stats for 2022 show that crime went up dramatically in 2022 and, taking COVID-19 pandemic numbers into account, violent crimes have been on the rise overall since 2017. In addition, motor vehicle thefts skyrocketed, having more than doubled since pre pandemic years.
-
Plante vows to crack down on illegal magic mushroom dispensary slated to open in Montreal
A chain of illegal magic mushroom dispensaries in Ontario is determined to open a location in Montreal this summer despite the threat of a crackdown by Mayor Valerie Plante.
-
Three Montreal residents facing charges after officer struck by vehicle during stolen car investigation in Gatineau, Que.
Three Quebec residents, including a 15-year-old boy, are facing several charges after a police officer was struck by a vehicle during an investigation into a stolen vehicle in Gatineau, Que.
London
-
Three-vehicle collision in south London, Ont. sends one to hospital
A three-vehicle collision on Wellington Road resulted in an SUV flipping onto its roof and one person being sent to hospital Friday afternoon.
-
VIDEO
VIDEO | Woman riding mobility scooter struck by vehicle in south London, Ont.
Just after 9 a.m. a woman on a mobility scooter was struck by a white pickup while she was crossing southbound on Wharncliffe Road at Southdale Road.
-
Neighbours warn of near collisions and injury at busy London intersection
Residents said a London, Ont. intersection is confusing, poorly designed and dangerous — and they want immediate action to fix it. They are concerned about the intersection of Queens Avenue and English Street.
Kitchener
-
Crash closes Hwy. 401 westbound outside Cambridge, Ont.
Police have shut down a section of Highway 401 westbound between Woodstock and Cambridge after a crash involving a transport truck and an Ontario Ministry of Transportation vehicle.
-
Fifth suspicious fire under investigation in Mount Forest
Ontario Provincial Police (OPP) is investigating another suspicious fire in Mount Forest, bringing the total to five fires in five days.
-
Six Nations' Brandon Montour flew home for son's birth between playoff games
Scoring the opening goal of game three of the Stanley Cup finals wasn’t the only celebration Florida Panthers defenceman Brandon Montour was a part of this week.
Northern Ontario
-
Forest fires could force Temiskaming Hospital to cancel more surgeries
Poor air quality in Temiskaming Shores forced the hospital to cancel all surgeries Friday, and depending on the forest fire situation, it may have to cancel more procedures scheduled Monday.
-
Victim shot and killed in Kirkland Lake, police search for homicide suspects
One person has been killed in Kirkland Lake following a shooting Thursday evening on Second Street East.
-
Woman warns Ontario drivers after getting caught up in licence plate cloning scam
An Ontario woman was surprised to find out her licence plate was duplicated by another driver after multiple Highway 407 bills landed in her mailbox.
Ottawa
-
Trans-friendly counter-protesters stand up to activist outside Ottawa schools
Hundreds of counter-protesters gathered near two schools in Ottawa's west end on Friday to take a stand against a B.C. man who is protesting what he calls "gender ideology."
-
This is the proposed new name for Sir John A. Macdonald Parkway
The Sir John A. Macdonald Parkway in Ottawa's west end will be renamed Kichi Zībī Mīkan, if approved by the National Capital Commission's board of directors.
-
Business leaders call on governments to make downtown Ottawa a 'top priority'
The Ottawa Board of Trade has unveiled a "roadmap to transformation' for downtown Ottawa, and is calling on all three levels of government to declare the core "their top priority."
Windsor
-
'It’s not gonna bring my daughter back': Jury hands three men guilty verdicts in death of Windsor woman
Guilty verdicts have been handed to three Kitchener men charged in the murder of a Windsor woman.
-
Windsor’s unemployment rate is second-highest in Canada
Windsor has the second-highest unemployment rate in Canada, according to Statistics Canada.
-
Special events buses between Windsor-Detroit sell out for Taylor Swift concerts
Transit Windsor says the Special Event tunnel buses are sold out for the two Taylor Swift concerts this weekend.
Barrie
-
Thousands of dollars lost over gift card scams in Simcoe County
Residents in Simcoe County are being warned of scams involving the purchase of gift cards.
-
-
3 kids from Muskoka area found after OPP issued public appeal
Provincial police with the Bracebridge detachment say a 15-year-old boy, 12-year-old girl, and seven-year-old girl who were reported missing have been found safe.
Atlantic
-
N.S. teachers, students, health care workers impacted by cyber attack
Nova Scotia says it has identified more details about the records stolen in a file transfer service cyber attack, impacting teachers, students and health care workers' records.
-
Halifax-area evacuation order rescinded for most residents
The majority of Halifax-area residents evacuated due to wildfires are now permitted to return home.
-
Three people charged in alleged abduction of N.L. teen after Amber Alert issued
Police in Newfoundland and Labrador say three people are facing charges following the alleged abduction of a 14-year-old girl.
Calgary
-
Premier Smith appoints new Alberta cabinet with many familiar faces in different portfolios
Alberta Premier Danielle Smith named her new cabinet Friday, about two weeks after her United Conservative Party took the majority of seats in Alberta.
-
BREAKING NEWS
BREAKING NEWS | WestJet to wind down Swoop, integrate into main operation
WestJet says it will wind down operations at Swoop as it integrates the budget carrier's operations into its main banner.
-
2-year-old girl dead after going missing near Canmore, Alta., campground
A two-year-old girl who went missing from Canmore's Bow River Campground on Thursday afternoon has died.
Winnipeg
-
Remains found in western Manitoba identified as woman missing since 2020
Mounties say remains found in western Manitoba have been identified as a woman who has been missing for three years.
-
Woman stabbed in 'completely random' attack at Olive Garden: Winnipeg Police
Winnipeg police say a woman is in hospital with severe injuries after she was allegedly stabbed by a man in what police describe as a completely random and unprovoked attack.
-
Gillingham lays out plan to help lower bike thefts in Winnipeg
To combat theft, Mayor Scott Gillingham wants to make the city’s bike registry free and make use of technology.
Vancouver
-
Search for missing Vancouver hiker called off after body recovered: Lions Bay official
The search for a missing hiker in Metro Vancouver has been called off, after the discovery of a body presumed to be that of 29-year-old Michael Tu.
-
31-year-old charged in fatal shooting of Maple Ridge man last year: IHIT
Investigators looking into the death of a Maple Ridge man last April say his suspected shooter has been charged with second-degree murder.
-
Police investigating 'multiple suspicious deaths' in Kelowna home
Mounties in Kelowna say two people are dead after an incident at a home in the city's Upper Mission area Thursday night.
Edmonton
-
Premier Smith appoints new Alberta cabinet with many familiar faces in different portfolios
Alberta Premier Danielle Smith named her new cabinet Friday, about two weeks after her United Conservative Party took the majority of seats in Alberta.
-
BREAKING NEWS
BREAKING NEWS | WestJet to wind down Swoop, integrate into main operation
WestJet says it will wind down operations at Swoop as it integrates the budget carrier's operations into its main banner.
-
Man riding e-bike with knife, baton and shotgun arrested in Red Deer: RCMP
A central Alberta man is facing multiple charges after he was arrested while riding an e-bike armed with a knife.