A joint task force including law enforcement agencies from France, Germany, the Netherlands, Norway, Switzerland, Ukraine, the UK, and the USA, along with Europol and Eurojust, arrested 12 members of criminal organizations involved with ransomware. The arrests occurred in Ukraine and Switzerland. These individuals are alleged to have been involved in every step of the associated kill chain including exploitation, lateral movement, persistence, and deployment of ransomware, as well as money laundering through cryptocurrencies and other criminal activities. These individuals are collectively alleged to be tied to LockerGoga, MegaCortex, and Dharma ransomware, with over 1800 ransom operations conducted world-wide.
There has been increased focus on enforcement actions against such groups, especially in light of the recent October 13th and 14th International Summit on Counter-Ransomware Operations that involved over 30 nations pledging to mitigate the risk of ransomware. While these operations can immediately disrupt organized criminal activities, they are not yet conducted on a large scale that promises to significantly reduce cybercrime activity. Organizations are advised to continue to invest in layered, defense-in-depth approaches to properly mitigate and control risks as appropriate.