Justice Department targeted by ransomware, hackers threaten to release sensitive data

The French Ministry of Justice would be the victim of a ransomware. In any case, this is what the youtuber and artificial intelligence engineer Defend Intelligence claims on Twitter, with supporting images. According to its sources, data has been compromised and the hackers are threatening to release it on February 10, 2022 if the demanded ransom is not paid by the authorities.

Credits: Pixabay

For several years now, ransomware has become weapons of mass destruction for hackers, capable of bringing institutions and businesses to their knees and damaging infrastructure vital to a country’s economy. In France alone, the number of attacks jumped by 32% in 2021, as specified by the Ministry of the Interior in a study published in November 2021.

Ironically, the Ministry of Justice was the victim of a ransomware attack this Thursday, January 27, 2022. We owe this information to the youtuber and engineer in artificial intelligence Defend Intelligence, which has just published a full thread on this case on Twitter.

As he details on the social network, the Ministry of Justice has been targeted by le ransomware LockBit. We can also see on the site of the malware operators that the institution is one of the recent targets. The pirates demand the payment of the ransom, under penalty of disclosing data compromised through the hacking of the Department of Justice site.

justice department lockbit
Crédits : Defend Intelligence via Twitter

Criminal records published on the web for lack of payment?

What could be the potential damage of this cyberattack? For the moment, it is impossible to know the content of the stolen data. As Defend Intelligence suggests, the worst would be to see the confidential information of citizens disseminated on the web. We are talking here about criminal records, follow-ups, complaints, and so on. “In the best-case scenario, the leaked data would be aggregated public data from lawyers, bailiffs, places of justice, etc., explique Defend Intelligence.

At the time of writing these lines, the CERT, the government Center for monitoring, alerting and responding to computer attacks has not published an official statement on the subject. We will update this article as soon as we have more information. Either way, it’s unclear how the hackers were able to gain access to the Department of Justice site.

justice department lockbit
Crédits : Defend Intelligence via Twitter

LockBit, the reference for ransomware

Regarding the LockBit ransomware, maybe this name means something to you. This malware has gained popularity among hackers since 2019. Its operation remains simple: access the data and encrypt their access to make them unusable. Next step, demand the payment of a ransom (often in cryptocurrencies) to recover the enjoyment. Very quickly, this ransomware was used massively against large corporations and governments.

Since then, this ransomware like many others has evolved to allow hackers to collect data, in addition to encrypting their access. In fact, attackers can threaten their targets with releasing the recovered sensitive information on the web. One more reason to encourage them to check out.

Also read: Ransomware – hackers go ruthless to force victims to pay more

lockbit ransomware
Crédits : Defend Intelligence via Twitter

Ransomware hurts business and government

In the most recent examples, we remember the ransomware launched by the group of Russian hackers DarkSide which crippled one of the main American oil pipelines. A cyberattack that prompted the government to declare a state of emergency and consider ransomware attacks the same as terrorism.

Shortly after this event, the United States promised the sum of 10 million dollars for any information that would lead to the capture of the members of the DarkSide group. As for the attack on the Kaseya company, it has established itself as the largest cyberattack in history, with a ransom of more than $70 million in Bitcoin. Even more recently, the French arms group Thalès was targeted by ransomware. In the absence of payment, data was leaked, but the company minimized the impact of the attack.

Leave a Comment