The AP on Wednesday took control of the infrastructure behind a massive network that criminals use to carry out cybercrime.
Why it matters: By claiming the infrastructure, authorities cracked down on cybercriminals using Emotet – one of the world’s largest networks of hijacked computers – to install ransomware as part of extortion schemes and financial theft.
Context: Ransomware criminals have paralyzed healthcare systems and governments using networks of hijacked computers like Emotet.
- Ransomware works by confusing a victim’s data so that criminals can claim money in exchange for decoding software to recover the data.
The whole picture: The European Union police and the judicial agencies Europol and Eurojus, two agencies in The Hague, coordinated the operation with authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania, Canada and Ukraine.
Meantime: The FBI announced on Wednesday that it was arresting a Canadian as part of an attempt to disrupt the loose-leaf NetWalker, which he said targeted the health care sector. Included in the arrest was the seizure of nearly half a million dollars worth of cryptocurrency.
Thought bubble, via Zach Dorfman of the Aspen Institute: the large number of countries and the extent of the surgery and coordination headaches show how serious a challenge cybercriminals and botnets have become.
- As Wired notes, it was a “global effort” that removed the command-and-control infrastructure in 90 countries.
- And unlike a joint public-private action last year that hampered the massive Trickbot botnet, it appears the move against Emotet is aimed at crushing it permanently.
Go deeper: The rise and rise of ransomware