An incident takes place. Law enforcement investigates. A culprit is identified, apprehended and prosecuted.
That's typically how we think of addressing a crime. But as some ransomware victims may now be discovering, that process is much more complicated when the criminal is on another continent and the crime takes place virtually.
A in recent months has compromised critical infrastructure and disrupted daily life across the United States and globally, with one massive attack last week on software vendor Kaseya potentially around the world. Cyber researchers say the attack was carried out by REvil, a group with suspected ties to Russia that also hit meat processing company JBS Foods , Apple supplier Quanta Computer and electronics maker Acer in .
And it's not just REvil. Hackers with links to Russia are believed to have been behind the high-profile and attacks. Moreover, recent ransomware on Microsoft and have been linked to hackers in China.
Ransomware gangs have extracted payments worth millions of dollars in recent months and REvil is now for a decryptor tool following its attack on Kaseya. U.S. authorities generally discourage companies from paying ransoms, on the grounds that doing so only emboldens cyber criminals.
Bringing them to justice, however, is a more complex process involving a web of local, federal and even international authorities. The process can take years, with no guarantee of a successful outcome. And during that time, the number of ransomware attacks only continues to grow.
Prominent hacker groups such as REvil are often quick to take public credit for their attacks, but tracing the actual individuals behind those groups and their whereabouts can be incredibly difficult.
Cybersecurity experts recommend that impacted organizations contact local law enforcement and the FBI. Other federal agencies such as the Department of Homeland Security and the U.S. Computer Emergency Readiness Team often , too.
In April, the U.S. Department of Justice after what an agency memo described as the worst year ever for those types of cyberattacks. The goal is to unify efforts across the federal government to pursue and disrupt ransomware attackers.
"The hackers' groups are part of organized criminal rings and often operate remotely and in a decentralized fashion," Beenu Arora, cofounder and CEO of cybersecurity firm Cyble, told CNN Business. "These actors often deploy intermediaries to communicate with each other," he added.
The private companies that are most often victims of these ransomware attacks can be blindsided about "who actually attacked them" because of the sophisticated nature of the attackers, according to Anup Ghosh, CEO of Fidelis Cybersecurity and a former researcher at the Department of Defense.
"Unlike a physical attack where you can do identification, in cyberspace it's very difficult to do attribution with certainty," he said.
If the ransomware attackers are based in a different country, as they often are, that requires U.S. officials to pursue international cooperation and diplomacy that can further slow down and complicate the prosecution process.
"The major challenges in bringing international hacker groups to justice are having to conduct foreign operations through additional layers of bureaucracy of our international counterparts," said Bret Fund, head of cybersecurity at the Flatiron School. "This includes less access to on-the-ground resources to investigate, gather intelligence and support the prosecution across borders."
If that's not enough, some countries also use access to cyber criminals as a diplomatic bargaining chip, according to Bryan Hornung, CEO of cybersecurity firm Xact IT Solutions.
"Russia sees cyberattacks... as a way to sow discord and give the U.S. and democracy a black eye," Hornung said, pointing to Russia's to extradite criminals only if the United States reciprocates.
The code behind REvil's attack was written in such a way that it avoids Russian or related languages, according to a report by cybersecurity firm Trustwave SpiderLabs, which was obtained by . The firm said this is likely designed to avoid running afoul of local enforcement in the countries they operate in.
The Biden administration is to finalize a government-wide strategy on how to respond to ransomware attacks, with the National Security Council working to coordinate a plan of action in recent days, according to officials and experts involved in the discussions. Another meeting on the subject is expected to take place next week between U.S. and Russian officials, White House Press Secretary Jen Psaki said Wednesday.
President Joe Biden confronted Russian President Vladimir Putin about the scourge of ransomware attacks during a summit in Geneva last month, a meeting he shortly after the Kaseya attack.
"[If] it is either with the knowledge of and/or the consequence of Russia, then I told Putin we will respond," the president said Saturday.
After the attackers or hacker groups are located and prosecuted overseas — often with the help of law enforcement agencies such as Interpol and Europol — the next challenge is to bring them back to the U.S. justice system.
The United States has extradition treaties with , but there are dozens more, including Russia and China, with which it does not. In those cases, U.S. authorities often wait until the hackers travel to a friendlier country in order to capture and extradite them — like they did with Russian hackers (from Israel) in 2019 and (from the Czech Republic) in 2018. (Burkov to multiple charges against him and was last June for operating websites that sold stolen data Nikulin was a few months later for hacking into companies such as LinkedIn and Dropbox.)
Those extraditions can often take years, with U.S. authorities having little control over the process and timeline. Both Burkov and Nikulin, for instance, were sentenced more than five years after their initial crimes were said to have taken place. In Burkov's case, the extradition process alone took nearly four years.]
"The United States works with foreign authorities to locate wanted persons and then to request the extradition of the person," the Department of Justice explains . "However, the extradition case is handled by the foreign authorities in the foreign courts. Once the extradition request is submitted to the foreign government, the United States does not control the pace of the proceedings."
While there is a greater push to cooperate on cybersecurity issues from the United States as well as other countries, coordinating those responses is turning into a race against time as new ransomware attacks continue to take place by the week, if not by the day.
"You can think of this as closer to organized crime, and the kind of task force that you've seen in the past against organized crime," said Ghosh. "It takes a long time to really map these criminal gangs, understand their heads and take them down, and requires cooperation of other countries, so those are longer timelines."
A $2.14-billion federal loan for an Ottawa-based satellite operator has Canadian politicians arguing about whether American billionaire Elon Musk poses a national security risk.
Specialist divers surveying the wreckage of the US$40 million superyacht that sank off Sicily in August, killing seven people including British tech tycoon Mike Lynch, have asked for heightened security to guard the vessel, over concerns that sensitive data locked in its safes may interest foreign governments, multiple sources told CNN.
Twenty-seven year Â鶹ӰÊÓ reporter and anchor John Vennavally-Rao shares his story of what it was like to have an ostomy bag as part of his health-care battle. 'I’m grateful for what it did to extend my life,' he writes in a personal column for CTVNews.ca.
The British Columbia election campaign is set to officially start today, with Lt.-Gov. Janet Austin issuing the writ for the Oct. 19 vote.
A northern Ontario man is facing a $12,000 fine after illegally shooting a moose near the Batchawan River.
A new study is adding to emerging research showing that exposure to metals such as cadmium, uranium and copper may also be associated with the leading cause of death worldwide, cardiovascular disease.
Unusual flippered feet are making their way into the Saint Lawrence River this weekend. Led by underwater explorer and filmmaker Nathalie Lasselin, volunteer divers are combing the riverbed near Beauharnois in Montérégie to remove hundreds of tires that have been polluting the aquatic environment for decades.
The Lebanese militant group Hezbollah announced that it fired a barrage of missiles at a military base deep inside Israel early Sunday following an Israeli airstrike more than a day earlier that killed at least 37 people, including one of the militant group’s senior leaders as well as women and children.
A sea lion swam free after a rescue team disentangled it near Vancouver Island earlier this week.
A man is facing numerous drug trafficking charges after Dufferin OPP seized a large assortment of drugs and weapons in Orangeville earlier this week.
The London Police Service (LPS) is currently investigating a suspicious death in the east end.
The British Columbia election campaign is set to officially start today, with Lt.-Gov. Janet Austin issuing the writ for the Oct. 19 vote.
A sea lion swam free after a rescue team disentangled it near Vancouver Island earlier this week.
A northern Ontario man is facing a $12,000 fine after illegally shooting a moose near the Batchawan River.
A body has been found in the vicinity where a woman went missing on the Ottawa River near Pembroke, Ont. while kayaking Tuesday night, according to the Ontario Provincial Police (OPP).
Donald Trump returned to North Carolina on Saturday, stumping in the southern battleground state with direct appeals to women, claiming he would be a better champion for them than U.S. Vice President Kamala Harris, who is vying to become the first female president.
Sheba, a 50-year-old seal at the Cornish Seal Sanctuary in southwest England, has far surpassed the average lifespan for seals and could be the oldest in captivity in the world.
The more Chelsea Walsh talked to the eccentric fellow American who seemed to pop up in every square and cobblestone street of Ukraine's capital, the more she got creeped out.
Specialist divers surveying the wreckage of the US$40 million superyacht that sank off Sicily in August, killing seven people including British tech tycoon Mike Lynch, have asked for heightened security to guard the vessel, over concerns that sensitive data locked in its safes may interest foreign governments, multiple sources told CNN.
The Lebanese militant group Hezbollah announced that it fired a barrage of missiles at a military base deep inside Israel early Sunday following an Israeli airstrike more than a day earlier that killed at least 37 people, including one of the militant group’s senior leaders as well as women and children.
A $2.14-billion federal loan for an Ottawa-based satellite operator has Canadian politicians arguing about whether American billionaire Elon Musk poses a national security risk.
Foreign Affairs Minister Melanie Joly says close to 45,000 Canadians are in Lebanon, months after warning there is no guarantee Ottawa can evacuate them if the situation deteriorates further.
The federal firearm buyback program has cost taxpayers nearly $67.2 million since it was announced in 2020, but it still hasn't collected a single gun.
A new study is adding to emerging research showing that exposure to metals such as cadmium, uranium and copper may also be associated with the leading cause of death worldwide, cardiovascular disease.
For some young people, a popular method for getting a quick high is by misusing laughing gas — and lately, that’s in the form of nitrous oxide from products sold by the company Galaxy Gas.
Looking after an adult with severe autism can be a full-time job. Ask any parent who has a child severely affected by autism spectrum disorder – it’s a job that can get more difficult as the child becomes an adult.
If something looks too good to be true, it might be. That's the message from Saskatchewan horticulturists after customers have come into their stores hoping to buy purple apple trees this month.
The owner of the shuttered Three Mile Island nuclear power plant said Friday that it plans to restart the reactor under a 20-year agreement that calls for tech giant Microsoft to buy the power to supply its data centers with carbon-free energy.
Lebanese authorities on Thursday banned walkie-talkies and pagers from being taken on flights from Beirut airport, the National News Agency reported, after thousands of such devices exploded during a deadly attack on Hezbollah this week.
Kathryn Crosby, who appeared in such movies as 'The 7th Voyage of Sinbad', 'Anatomy of a Murder,' and 'Operation Mad Ball' before marrying famed singer and Oscar-winning actor Bing Crosby, has died. She was 90.fff
'Saturday Night Live' will have a slew of famous faces to help kick off its historic 50th season when the show returns later this month.
The death of the Tragically Hip’s lead singer Gord Downie united fans across Canada in their grief, but in many ways pulled his bandmates apart.
It is not a great time to be a coffee drinker. In general, coffee bean prices are the highest they've been in more than a decade.
The maker of the popular party game Cards Against Humanity is accusing Elon Musk's SpaceX of trespassing on and damaging a plot of vacant land the company owns in Texas.
The Canadian Food Inspection Agency says a recall of Nutrabolics brand Feed Me Vegan Real Food Protein & Oats bars due to undeclared milk has been expanded.
Tattoos are becoming more common in today's society and, as a result, appear to be more acceptable in the workplace than they used to be.
The end of the day — when school, extracurricular activities and homework are (hopefully) finally done — is the window that many kids have for downtime. It can be a struggle to convince them not to go on their phones.
While slang may come and go, experts say the phenomenon behind them, which constantly churns out brand-new bon mots, is as old as language itself.
Jonathan Aranda homered for the second consecutive game, helping Taj Bradley and the Tampa Bay Rays beat the Toronto Blue Jays 3-2 on Saturday.
Kiefer Sherwood spent several nights last spring chasing Quinn Hughes around the ice and generally pestering the Vancouver Canucks.
Cole Haas is more than just an avid fan of the F.W. Johnson Wildcats football team. He's a fixture on the sidelines, a source of encouragement, and a beloved member of the team.
General Motors (GM) has issued a recall for 38,000 vehicles for safety risks related to a software glitch, Transport Canada reported in a notice on Wednesday.
Chechen leader Ramzan Kadyrov has accused Tesla CEO Elon Musk of 'remotely disabling' his Cybertruck, which had been sent to the frontline of Russia's war in Ukraine.
An Ontario man says it is 'unfair' to pay a $1,500 insurance surcharge because his four-year-old SUV is at a higher risk of being stolen.
Cole Haas is more than just an avid fan of the F.W. Johnson Wildcats football team. He's a fixture on the sidelines, a source of encouragement, and a beloved member of the team.
Getting a photograph of a rainbow? Common. Getting a photo of a lightning strike? Rare. Getting a photo of both at the same time? Extremely rare, but it happened to a Manitoba photographer this week.
An anonymous business owner paid off the mortgage for a New Brunswick not-for-profit.
They say a dog is a man’s best friend. In the case of Darren Cropper, from Bonfield, Ont., his three-year-old Siberian husky and golden retriever mix named Bear literally saved his life.
A growing group of brides and wedding photographers from across the province say they have been taken for tens of thousands of dollars by a Barrie, Ont. wedding photographer.
Paleontologists from the Royal B.C. Museum have uncovered "a trove of extraordinary fossils" high in the mountains of northern B.C., the museum announced Thursday.
The search for a missing ancient 28-year-old chocolate donkey ended with a tragic discovery Wednesday.
The Royal Canadian Mounted Police is celebrating an important milestone in the organization's history: 50 years since the first women joined the force.
It's been a whirlwind of joyful events for a northern Ontario couple who just welcomed a baby into their family and won the $70 million Lotto Max jackpot last month.
A six-year-old girl who was reported missing in northern B.C. earlier this week remains unaccounted for, and "significant resources from across the province" have joined in the search, police said Saturday.
Volunteers and staff members gathered along Vancouver’s Stanley Park Seawall Saturday to pick up litter as part of International Coastal Cleanup Day.
A heritage home in Vancouver suffered "extensive damage" in a fire that broke out late Saturday morning, according to firefighters.
Toronto police are investigating a shooting in Scarborough that left one person injured Saturday night.
A pedestrian was struck by a vehicle involved in a collision in Scarborough Saturday evening, Toronto police said.
A 23-year-old man has been arrested after one person was found dead at a home in Richmond Hill Saturday morning.
Milla White from Cochrane literally drew her way into a meeting with former boxer and actor Mickey Rourke.
The water coming from your taps might be a bit murky Saturday, but Calgary remains on schedule to end all water restrictions on Sunday.
For 12 hours Saturday Canadian Pacific Kansas City (CPCK) employees, service personnel and corporate teams rode spin bikes to raise funds and awareness for charities focusing on housing homeless veterans in Canada and the U.S.
A potential move to LeBreton Flats for the Ottawa Senators is still years away, but questions and concerns are already being raised about what to do with the Canadian Tire Centre.
The Taste of Wellington 2024 wraps up Saturday in Ottawa.
A body has been found in the vicinity where a woman went missing on the Ottawa River near Pembroke, Ont. while kayaking Tuesday night, according to the Ontario Provincial Police (OPP).
Montrealers can get used to taking a stroll on several car-free streets during the summer in the years to come thanks to a new commitment from the city.
Three men were injured after trying to subdue a man armed with a knife during afternoon prayers at a Montreal-area mosque Friday afternoon.
Unusual flippered feet are making their way into the Saint Lawrence River this weekend. Led by underwater explorer and filmmaker Nathalie Lasselin, volunteer divers are combing the riverbed near Beauharnois in Montérégie to remove hundreds of tires that have been polluting the aquatic environment for decades.
The Edmonton Police Service is looking for a person of interest in connection with a suspicious fire that destroyed a multi-unit building and damaged several townhomes earlier this week.
Tattoos are becoming more common in today's society and, as a result, appear to be more acceptable in the workplace than they used to be.
Two people have been charged after a daylight shooting in Red Deer earlier this week.
Halifax Regional Police warned the public of a series of high-value thefts targeting retail stores Friday.
Pictou County District RCMP is investigating a fatal crash that occurred in Thorburn, N.S., Saturday.
A proposal for additional parking to accommodate upgrades at the Irving Pulp & Paper Mill in Saint John, N.B., would add an estimated 500 parking spots at Wolastoq Park.
The search for a missing six-year-old boy in Shamattawa is continuing Friday as RCMP hope recent tips can help lead to a happy conclusion.
A herd of dogs paid visit to patients and residents at Riverview Health Centre during an annual event that lifts spirits and wags tails.
While slang may come and go, experts say the phenomenon behind them, which constantly churns out brand-new bon mots, is as old as language itself.
Fire officials are investigating after a fire completely destroyed the community fridge in the Cathedral neighborhood.
The last two months after losing her daughter Bella have been extremely difficult for Kyla Thomson.
Regina police arrested three youths in connection to a bear mace incident at a Regina high school on Friday.
The Cambridge Professional Fire Fighters’ Association held their annual Muscular Dystrophy Boot Drive on Saturday.
Protests were held in front of Kitchener City Hall on Friday, both for and against LGBTQ2S+ inclusive education and queer rights in schools.
Police said the pedestrian, a 52-year-old man, was taken to an out-of-region hospital with life-threatening injuries and the driver of the vehicle failed to remain at the scene.
The 75-year-old building, formerly the Waskesiu Chamber of Commerce building, was relocated to the Parks Canada compound on the edge of the townsite.
Saskatchewan RCMP major crimes unit is investigating after a man’s body was found on Sweetgrass First Nation.
Motors were roaring, and tires were spinning as Saskatoon's biggest names in motocross gathered together for the 50-year anniversary of the club's founding on Saturday.
Ontario’s police watchdog is investigating after an Ontario Provincial Police officer discharged his firearm at a 36-year-old man in near Moonbeam, Ont., on Friday night.
For some young people, a popular method for getting a quick high is by misusing laughing gas — and lately, that’s in the form of nitrous oxide from products sold by the company Galaxy Gas.
An Ontario woman is among the dozens of people who have come forward to allege that they were sexually abused by London-based businessman Mohamed Al Fayed, the former chairman and owner of Harrods.
A motorcyclist has died following a serious collision that took place in London’s south end on Friday afternoon.
The London Police Service (LPS) is currently investigating a suspicious death in the east end.
The St. Thomas police is asking the public for help locating a missing man.
The Barrie Skateboard Association (BSA) hosted a unique competition at the City's Skate Park on Saturday to celebrate its 25th anniversary, which showcased the park's importance and the growth of skateboarding in the region.
A man is facing numerous drug trafficking charges after Dufferin OPP seized a large assortment of drugs and weapons in Orangeville earlier this week.
One person is in hospital after an e-bike crash in Orillia on Thursday.
The Amherstburg Freedom Museum is celebrating a year of festivities in anticipation of its 50th anniversary in 2025.
The St. Clair College golf teams were successful at the Niagara Knights Invitational tournament on Friday.
A LaSalle high school is celebrating its emerald anniversary this weekend, with everyone who has ever walked its halls invited to return.
A man who was found dead behind a curling rink in Nanaimo, B.C., earlier this month was the victim of a homicide, police confirmed.
A sea lion swam free after a rescue team disentangled it near Vancouver Island earlier this week.
A six-year-old girl who was reported missing in northern B.C. earlier this week remains unaccounted for, and "significant resources from across the province" have joined in the search, police said Saturday.
A pair of runaway pigs are in the custody of an animal sanctuary in the Okanagan after evading police and volunteers for hours earlier this week.
The Red Bridge, a historic landmark in Kamloops, B.C., was completely destroyed by fire early Thursday morning.
Animal protection officers in British Columbia have rescued three pit bulls – including one that gave birth to 10 puppies – from a rat-infested home in Kelowna.
Despite the heavy rain, plenty of muscle turned up for United Way’s annual Pull the Bus fundraiser in Lethbridge Friday.
Lethbridge County has rescinded its fire restriction as a result of the recent cool, wet weathr.
The Lethbridge Hurricanes kicked off the 2024-25 season on a winning note Friday night, defeating the Edmonton Oil Kings 3-1 in a game played at VisitLethbridge.com Arena.
A northern Ontario man is facing a $12,000 fine after illegally shooting a moose near the Batchawan River.
Following an outbreak of COVID-19 on its continuing care floor and just ahead of the flu season, St. Joseph’s General Hospital in Elliot Lake has opted to re-introduce a universal masking policy until further notice.
A 26-year-old driver from Surrey, B.C., has been charged with three counts of criminal negligence causing death and bodily harm in a crash that killed two youths in northern Ontario last year.
Newfoundland and Labrador's chief medical officer is monitoring the rise of whooping cough infections across the province as cases of the highly contagious disease continue to grow across Canada.
A 16-year-old biennial event aimed at fostering business in the country's eastern Arctic and northern regions has been cancelled indefinitely as a dispute unfolds between Inuit in Canada and a Labrador group claiming to share their heritage.
Jim Lester’s farm hopped on the cow-cuddling trend in early August, and his time slots have been pretty well sold out ever since.
The Shopping Trends team is independent of the journalists at Â鶹ӰÊÓ. We may earn a commission when you use our links to shop. Read about us.
