The IT infrastructure of a ransomware gang that launched a file-encrypting malware attack was seized in an operation led by Gardai, the Cyber Crime Bureau, operating from Dublin. According to reports, this activity has prevented over 750 ransomware attacks from being launched against companies operating in Europe, Asia and some metro cities of the United States.
Cybersecurity Insiders has learnt that the operation to seize the servers of the ransomware gang, named Wizard Spider Group, was launched as soon as the criminal gang, operating from Russia, targeted the servers of the Health Service Executive (HSE) of Ireland.
Earlier, it was thought that the hackers behind the attack were linked to the Conti ransomware gang. However, Gardai, in association with other international law enforcement agencies such as Interpol and Europol, conducted a preliminary inquiry and found that the gang behind the server encryption was a cyber crime group based in Saint Petersburg, Russia.
Any companies that fell victim to the Wizard Spider attacks will be contacted by the Garda National Cyber Crime Bureau (GNCCB) for attack analysis and for information to share with other agencies.
On May 28th, 2021, the HSE confirmed that the hackers could have accessed and hacked medical records pertaining to 520 patients, as well as corporate documents that were later published online.
By June 2021, Ireland's healthcare agency issued a public statement that over 70% recovery of its computer devices was complete and that, by the end of September, up to 95% of the servers and devices would be restored.