In a year rife with ransomware attacks, when cybercriminals have held the data of police departments, grocery and pharmacy chains, hospitals, pipelines and water treatment plants hostage with computer code, it was a win, rare in the scale of its success.
For months, a team of security experts raced to help victims of a high-profile ransomware group quietly recover their data without paying their digital assailants a dime.
It started in late summer, after the cybercriminals behind the Colonial Pipeline ransomware attack, known as DarkSide, emerged under a new name, BlackMatter.
Soon after, the cybercriminals made a glaring mistake that most likely cost them tens, if not hundreds, of millions of dollars.
Ransomware criminals encrypt a victim’s data and demand a ransom payment, sometimes millions of dollars, to return access.