The Justice Department has charged 2 hackers for major ransomware attacks
AILSA CHANG, HOST:
The U.S. government is cracking down on international ransomware schemes. Today, Attorney General Merrick Garland unsealed criminal charges against two foreign-born hackers.
(SOUNDBITE OF ARCHIVED RECORDING)
MERRICK GARLAND: The Justice Department is sparing no resource to identify and bring to justice anyone, anywhere who targets the United States with a ransomware attack.
CHANG: All right. NPR's Carrie Johnson has been following this story and joins us now to talk more about it. Hey, Carrie.
CARRIE JOHNSON, BYLINE: Hey, Ailsa.
CHANG: All right, so what exactly are these cyber attackers accused of doing, and how did it affect people here in the U.S.?
JOHNSON: The Justice Department says it's charged two men, one from Ukraine, another from Russia. They're connected to an organized crime group called REvil, and they allegedly conducted at least two huge ransomware attacks, locking up computer systems for ransom money. The victims included hospitals, schools, 911 call centers, local governments and private companies.
CHANG: Foreign-born hackers - one of the challenges that the U.S. government always faces in these kinds of cases is that these perpetrators are overseas, usually far outside the long arm of the American justice system. So what exactly is the status of these two men charged here?
JOHNSON: Yeah, one alleged hacker, the Russian national, is still at large. But the Justice Department says the other man, Yaroslav Vasinskyi, is from Ukraine. He recently traveled to Poland, which has an extradition treaty with the U.S. Here's what the FBI Director Chris Wray had to say about that.
(SOUNDBITE OF ARCHIVED RECORDING)
CHRIS WRAY: There are lots of reasons why people travel. And I can't get into the specific reasons why Mr. Vasinskyi traveled, but boy, are we glad he did.
JOHNSON: So it turns out law enforcement in the U.S. has strong relationships with partners in Poland and Ukraine, which definitely helped in this operation.
CHANG: Definitely. Well, you know, Carrie, I vaguely remember another big Justice Department operation that was focused on ransomware a few months ago. Is there some sort of larger strategy at work here?
JOHNSON: There is. The Deputy Attorney General Lisa Monaco created a task force earlier this year to attack ransomware. The Biden administration wants to make significant arrests, so much so the State Department is rolling out a $10 million reward for the leaders of that REvil group for information that leads to the capture of those guys. It's a criminal problem, but it can also be a national security problem if the hackers go after power plants or other critical industries. Lisa Monaco told me the investigators are moving fast and following the money.
LISA MONACO: We went after the cryptocurrency that was paid in ransom by the victims here, and we went and we traced it, and we seized it. And now we'll be able to return that money to the victims. So we're using every tool at our disposal. We're using all of our authorities, and we're doing it at a scale and a speed that we haven't done before.
JOHNSON: Monaco says the government is going to return more than $6 million to victims in this case alone.
CHANG: Which sounds great, but it's all after the fact - right? Like, these ransomware operations can involve tens of millions of dollars, I hear. So what is the U.S. government doing to prevent some of that money from being stolen in the first place?
JOHNSON: Yeah, the Justice Department had a couple of messages today. It's asking Congress to pass a law that would create a nationwide standard to require companies to report these kinds of ransomware attacks to the federal government as soon as they happen. And the second message the DOJ has is for victims. The federal government can't help you try to get your money back or warn other possible victims unless you come forward quickly to help them solve these cases.
CHANG: That is NPR's Carrie Johnson. Thank you, Carrie.
JOHNSON: My pleasure. Transcript provided by NPR, Copyright NPR.