Peel police say a cross-border investigation has taken down the infrastructure of a notorious ransomware group they allege has targeted at least 71 Canadian businesses since late 2021.
Peel police say they were the lead Canadian agency in an investigation leading to the dismantling of the infrastructure of the HIVE ransomware group.
Police say the ransomware group’s domain was seized as part of the takedown, which involved law enforcement from 12 countries, including the Federal Bureau of Investigation in the U.S. and Europol.
U.S. Attorney General Merrick Garland says the operation saved victims of the syndicate known as HIVE, including hospitals and school districts, a potential $130-million in ransom payments.
The FBI says it was able to obtain software keys to decrypt the network of some 1,300 victims globally, but it’s not clear how the takedown will affect HIVE’s long-term operations.
Experts say ransomware groups such as HIVE operate like criminal multi-level marketing schemes.
Affiliates use the group’s malware to take computer networks hostage then share any potential ransoms with the group.
Statement from Peel Deputy Chief Nick Milinovich:
I thank our dedicated Peel Regional Police investigators and federal law enforcement agencies within Canada, North America, and overseas for the success of this project and for our on-going strategic partnerships. These complex cybercrime investigative collaborations are making significant progress in disrupting and dismantling sophisticated, global cybercriminal enterprises. In working together with our national and international policing partners, we leverage the very best intelligence data to hold accountable those threat actors that victimize our communities.