Two suspects have been arrested in connection with the DoppelPaymer ransomware, which has caused havoc over the last year, with businesses and governments falling victim. In this article, we look in detail at what has happened and how the suspects were caught.
The Scope of the DoppelPaymer Attack
DoppelPaymer is a type of ransomware that has been active since 2019. It has been used to conduct a wide range of cyberattacks, targeting both individuals and organizations worldwide. The attacks have been highly disruptive, with the ransomware encrypting victims’ data and then demanding payment in order to regain access.
Reports from the US Cybersecurity and Infrastructure Agency (CISA) and the US FBI show that tens of thousands of computers have been infected with DoppelPaymer, leading to ransom demands totalling millions of dollars.
The Suspects Arrested
On 2nd March 2021, German and Ukrainian authorities conducted a joint operation to arrest two suspected ransomware operators, aged 30 and 31, both Ukrainian citizens. The suspects have been accused of using DoppelPaymer ransomware to attack a number of organizations across Germany.
The German Federal Criminal Police Office (BKA) has been investigating the ransomware attack since 2020. The suspects have been charged with attempted extortion and computer sabotage, and will be extradited to Germany to face trial.
This is a positive step in the fight against cybercrime, as it sends a strong message to future ransomware operators that authorities will not tolerate these activities. However, this is just one attack, and there is still a lot of work to be done in order to protect organizations and individuals from ransomware.
Preventing Ransomware Attacks
The best way to prevent a ransomware attack is to follow good cyber security practices. Update software frequently and patch any security vulnerabilities. It is also essential to use a reliable anti-malware solution to protect against malicious code.
Be wary of suspicious emails, as phishing campaigns can be used to deliver ransomware. Double-check any attachments before downloading them, and watch for links that may be malicious.
Finally, it is always advisable to back up any important data, as this will give you an emergency way to access your files in case of an attack.