Twelve people have been targeted by an international law enforcement operation for involvement in over 1,800 ransomware attacks on critical infrastructure and large organisations around the world.
A statement by Europol describes the 12 suspects in Ukraine and Switzerland as “high-value targets” responsible for “wreaking havoc across the world” by distributing LockerGoga, MegaCortex, Dharma and other ransomware attacks against organisations in 71 countries.
But it’s unclear if the individuals have been arrested or charged – a Europol spokesperson told ZDNet that “the judicial process is ongoing”.
The suspects are believed to have various different roles in “aggressive” criminal organisations responsible for encrypting networks with ransomware and demanding a payment in exchange for the decryption key.
SEE: A winning strategy for cybersecurity (ZDNet special report)
Some of the suspects are thought to be involved in compromising the IT networks of targets, while others are suspected of being in charge of laundering Bitcoin payments made by victims.
Europol says that those responsible for breaking into networks did so by using techniques including brute force attacks, SQL injections and sending phishing emails with malicious attachments in order to steal usernames and passwords.
Once inside the networks, the attackers remained undetected and gained additional access using tools