Russian cybercriminals behind a series of disruptive £27m ransomware attacks in the UK have been sanctioned in a joint action with the United States.
The seven offenders were identified after a long investigation by the National Crime Agency (NCA) into the Trickbot malware group, as well as the Conti and Ryuk ransomware strains.
The NCA reckons they extorted £27m from 149 British victims including hospitals, schools, businesses and local authorities.
The real cost is thought to be much higher.
The sanctions were confirmed on February 9 by the Foreign, Commonwealth and Development Office alongside the US Department of the Treasury’s Office of Foreign Assets Control (OFAC).
They were part of a concerted campaign by the UK and the US to tackle the menace of international cybercrime.
The seven will now be subject to travel bans and asset freezes, and are severely restricted in their use of the global financial system.
UK SECURITY NEWS
NCA Director-General Graeme Biggar said: “This is a hugely significant moment for the UK and our collaborative efforts with OFAC to disrupt international cyber criminals.
“The sanctions are the first of their kind for the UK and signal the continuing campaign targeting those responsible for some of the most sophisticated and damaging ransomware that has impacted the UK and our allies.
“They show that these criminals and those that support them are not immune to UK action, and this is just one tool we will use to crack down on this threat and protect the public.
“This is an excellent example of the dedication and expertise of the NCA team who have worked closely with partners on this complex investigation.
“We will continue to deploy our unique capabilities to expose cyber criminals and work alongside our international partners to hold those responsible to account, wherever they are in the world.”
The National Cyber Security Centre (NCSC) assessed that key members of the Conti group “highly likely” maintain links to the Russian Intelligence Services.
NCSC chief executive officer Lindy Cameron said: “Ransomware is the most acute cyber threat facing the UK, and attacks by criminal groups show just how devastating its impact can be.
“The NCSC is working with partners to bear down on ransomware attacks and those responsible, helping to prevent incidents and improve our collective resilience.
“It is vital organisations take immediate steps to limit their risk by following the NCSC’s advice on how to put robust defences in place to protect their networks.”