UK sanctions members of the Russian cybercrime gang Conti
Following a joint investigation that was led by the National Crime Agency, the UK and US have revealed the identities of several Conti and Trickbot members.
The UK has sanctioned members of a Russian cybercrime gang, following major hacking attacks on hospitals and critical infrastructure like schools and the local authorities.
Evidence shows that the members of the cyber-criminal gang were involved in both the Trickbot and Conti ransomware attacks.
During these attacks in 2020, amid the COVID-19 pandemic, the group hacked into the databases of hospitals and schools.
Conti is a notorious Russian ransomware gang that extorted at least $180 million from vital businesses across the globe in 2021. In February 2022, hours after Putin's full-scale invasion of Ukraine, Conti posted its "full support" of the storming on its website.
While many members of the hacking group live in Russia, reports show that its scope is international.
Trickbot is another Russian ransomware gang that is thought to have been taken over by Conti in recent years.
Trickbot was first identified in 2016 by security researchers, with an investigation that found that the gang had evolved from the Dyre online banking trojan.
The study also found that the group operated in Moscow and targeted non-Russian businesses.
Both Trickbot and Conti members are heavily intertwined, with members colluding before the cyberattacks are carried out.
Alex Holden, who founded Hold Security, a company that has tracked Conti members for a decade, revealed: "We see the gang progressing. We see the gang living. We see the gang committing crimes and changing over the course of several years."
11 members of the gangs have since been identified by the UK and US, who compiled an investigation to counter the threat of ransomware both in the UK and abroad. As a result, each member has had their assets frozen and are restricted by travel bands.
The National Crime Agency (NCA), which led the complex examination of the suspects who set out to disrupt and impose costs on high-harm cyber criminals, found that the Conti group had also stolen more than £27 million from around 149 UK businesses.
The 11 members, which include Maksim Rudenskiy, Mikhail Tsarev and Maksim Khaliullin, who were given leading roles in the cybercrime gangs, have also been sanctioned by the US.
It has also been found that both Maksim Khaliullin and Mikhail Tsarev were given the roles of recruiting new members.
Yesterday, Thursday 8 September, Foreign Secretary James Cleverly announced: "These cyber criminals thrive off anonymity, moving in the shadows of the internet to cause maximum damage and extort money from their victims."
"Our sanctions show they cannot act with impunity. We know who they are and what they are doing," he added.
Mr Cleverly also noted how removing the anonymity of the individuals undermines their criminal businesses that threaten the security of UK businesses.
Mr Cleverly said: "By exposing their identities, we are disrupting their business models and making it harder for them to target our people, our businesses and our institutions."
The names of the 11 identified gang members, who are all Russian nationals, include Andrey Zhuykov, Maksim Galochkin, Maksim Rudenskiy, Mikhail Tsarev, Dmitry Putilin, Maksim Khaliullin, Sergey Loguntsov, Alexander Mozhaev, Vadym Valiakhmetov, Artem Kurov and Mikhail Chernov.
Reports also suggest that the groups have received tasking from the Russian Intelligence Services, while also maintaining their links with the Russian authorities throughout the Russia-Ukraine conflict.
Security Minister Tom Tugendhat shows that the cyber gang revelation proves that the UK has "the skills and resources to find and unmask criminals who attempt to steal from British businesses", including schools and hospitals.
Since the members were sanctioned in what was "the first-ever joint UK-US sanctions against ransomware actors", seven more participants of the gang have been identified and restricted.
© Copyright IBTimes 2024. All rights reserved.