US offers $15m reward for info on Conti group behind HSE cyberattack

Believed to be based in Russia, the Conti ransomware group being headhunted by the US has made more than $150m in pay-outs. The post US offers $15m reward for info on Conti group behind HSE cyberattack appeared first on Silicon Republic.

US offers $15m reward for info on Conti group behind HSE cyberattack

The US Department of State is offering up to $15m as a reward for any information on the group behind the Conti ransomware variant that crippled the HSE in a cyberattack last year.

This includes a $10m reward for any info that leads to the identification or location individuals holding key leadership positions in the organised crime group behind Conti, as well as a $5m reward for any info leading to the arrest of anyone conspiring or attempting to participate.

First observed in 2020, the Conti ransomware group is believed to be based near St Petersburg, Russia, and has been responsible for hundreds of cyberattacks in the past two years.

In May 2021, the Conti group was behind the significant HSE cyberattack that saw more than 80pc of the IT infrastructure of healthcare services across Ireland impacted in what was said to be the most serious cyberattack ever to hit the State’s critical infrastructure.

Even though Ireland did not eventually pay the group a ransom, the hackers behind Conti made money elsewhere. The FBI estimates that as of January 2022, there had been over 1,000 victims of attacks associated with Conti ransomware with victim pay-outs exceeding $150m.

The US Department of State, which announced the rewards last Friday (6 May), said that this makes the Conti ransomware variant the costliest strain of ransomware ever documented.

“In offering this reward, the United States demonstrates its commitment to protecting potential ransomware victims around the world from exploitation by cybercriminals,” a statement read. “We look to partner with nations willing to bring justice for those victims affected by ransomware.”

Most recently the group behind Conti perpetrated a ransomware incident against the government of Costa Rica that severely impacted the country’s foreign trade by disrupting its customs and taxes platforms. Costa Rica declared a state of national emergency as a result.

In the immediate aftermath of Russia’s invasion of Ukraine in February, a Ukrainian researcher took the cybersecurity world by storm after publishing more than 60,000 internal messages of the Conti group.

According to BleepingComputer.com, he was angered by a blog post made by the hacker group declaring its allegiance to Russia in the ongoing conflict and accessed the back-end of Conti’s XMPP chat server and extracted 60,694 internal messages of the group between January 2021 and February 2022 – providing vital information to any investigation.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

The post US offers $15m reward for info on Conti group behind HSE cyberattack appeared first on Silicon Republic.