Russians team up with young, English-speaking hackers for cyberattacks | 60 Minutes

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

in the past year hospitals pharmacies tech companies Las Vegas's biggest hotels and casinos have been Paralyzed by ransomware attacks in which hackers break into a corporate Network encrypt or lock up critical files and hold them hostage until a ransom is paid it's a crime that has been growing more costly and disruptive every year now cyber security researchers fear it's about to get worse with the emergence of an audacious group of young criminal Hackers from the US UK and Canada the FBI calls scattered spider more troubling they have teamed up with Russia's most notorious ransomware gang the story will continue in a [Music] moment this past September one of the most pernicious ransomware attacks in history was Unleashed on MGM Resorts costing the hotel and casino giant more than $100 million it disrupted operations at a dozen of the most renowned gaming palaces on the Las Vegas Strip MGM Grand Aria Mandalay Bay New York New York the Bellagio Anthony Curtis is a Las Vegas fixture he's so good at counting cards he's been banned from card games here he now publishes the Las Vegas advisor a monthly newsletter on all things Vegas incredibly when it happened I was in an MGM property and it happened while we were having dinner and and there just began to be a rumbling that something was going on when I went down into the casino I could see then that slot machines were sitting dark people were scrambling around the shutdown was starting to take effect across the Vegas Strip thousands of slot machines suddenly stopped paying out so all of a sudden now people are going how do I get my money what's wrong and the people were sitting there waiting and couldn't get paid were they angry they were getting angry yeah and this was just the tip of the iceberg elevators were malfunctioning parking Gates froze digital door keys wouldn't work as computers went down reservations locked up and lines backed up at the front desks anything that required technology was was not working sounds like chaos nobody knew what to do and including the employees the employees just had to you know beg forgiveness and patience look it's it's corporate terrorism at its finest the company declined our interview request but at a conference a month after the hack MGM CEO admitted the disruptions were devastating for the next four or five days with 36,000 hotel rooms and some Regional properties we were completely in the dark the hackers demanded $3 million to unlock mgm's data the company refused but they still paid a price 100 million doll in Lost revenue and millions more to rebuild their servers so how did The Intruders get in through a technique of deception and manipulation called social engineering first hackers zeroed in on an employee gathering information from the dark web and open sources like LinkedIn next a a smooth talking hacker impersonating the employee called the MGM Tech help desk and convinced them to reset his password with that the hacker was inside mgm's computers and unleashed the destructive malware Anthony Curtis says it was the Cyber criminals version of an Oceans 11 Heist they're doing it the old fashioned way I mean they're doing it the new way but with the oldfashioned goal they want to get the money what do you make of that I don't want to be too glowing like I'm like I like these guys cuz they're they're just Crooks right but these hackers were able to turn the tables the casinos have their they have their systems they have their protections they have their experts they have their security these guys are better later mgm's biggest competitor Caesars admitted it also suffered a social engineering attack around the same time suspected by the same group but Caesars paid a ransom reported $15 million and suffered no disruptions from an FBI perspective our position is we recommend a ransom not be paid but we understand it's a business decision during a time of Crisis Brian vren is head of the FBI cyber division he told us ransomware attacks have grown increasingly Brazen any way you look at the numbers it's a problem for the global economy and for the US economy and for the security of the United States there's estimates that Global losses exceed 1 billion US per year have you made any arrests in the Las Vegas cases we're not going to talk about specific cases or specific companies with but he did point us toward the prime suspect when we talk about the actors behind some of the more recent ransomware attacks the name that's generally raised is scouted spider and that's a criminal group that we have a lot of attention on because of the Havoc they're wreaking across the United un States scattered spider is what the FBI calls a loose-knit web of predominantly native English-speaking hackers responsible for the casino hacks and dozens more their specialty is social engineering part of their success is because they are fluent in Western culture they know how our society Works they know what to say to get someone to do something Alison Nixon is Chief research officer at unit 221B a cyber security firm that focuses on English-speaking cyber criminals she says scattered spider is just one of many illicit hacking groups all part of a sprawling collection of online criminals calling themselves the community or the Comm the Comm is a subculture it is specifically an English-speaking youth subculture that has arisen in the past few years it's very new but it's surprisingly disruptive members of the Comm have hacked into companies like Microsoft Nvidia and Electronic Arts how many people are involved years ago it was maybe a few hundred people but since 2018 the population has exploded because of the money coming into these groups and there's thousands of people involved at this point how are they connected they connect over the Internet uh social spaces where people hang out uh gaming servers it's almost analogous to like maybe the back alley where the bad kids hang out but on the internet how old are we talking about males under the age of 25 under 25 down to how young like 13 14 involved in pulling off Major Crimes yeah members communicate and post pictures on messaging apps like telegram their chatter a toxic stew of racism sexism boasting about the money they've scammed and how menacing they are there are these toxic online spaces where young people can socialize and mingle with criminals and gang members and the end result of all of this is this online subculture has formed that glorifies crime that measures one's personal worth by how much harm they can cause the world scattered spider is one of the most sophisticated offshoots of the Comm their criminal exploits caught the attention of cyber security companies and other hackers including the most notorious Russian ransomware gang black cat they saw the young Native English-speaking westers as a force multiplier both claimed credit for the MGM attack historically speaking Russian cyber criminals did not like working with Western cyber criminals there was not only a language barrier but also they they kind of looked down on them and viewed them as unprofessional the Russian and Western hackers met in the shadowy corners of the dark web and now are powerful partners in crime scattered spider uses its English and social engineering skills to break into Western companies networks black cat provides its experience and its malware used in some of the most shocking ransomware attacks including the 2021 attack on Colonial pipeline which caused gas shortages up and down the east coast and this year's attack on United Health Group which disrupted pharmacies Nationwide the state department is offering a $15 million reward for information on Russia's black cat this is black Hat's uh data leak site John dagio a former Analyst at the National Security Agency now in investigates ransomware as Chief security strategist for the cyber security company analyst one so there's a term it's called ransomware as a service that's been given to uh the structure and the format of these gangs dagio says ransomware as a service has taken the crime to a new level the long established Russian gangs like black cat offer their services malware experience negotiating ransoms and laundering money to what they call Affiliates like scattered spider so in return When a victim pays an extortion The Profit that comes from it is now shared amongst those criminals the most successful Russian gangs are run like legitimate companies with easy to navigate online platforms 24-hour service desks even human resources to hire software developers there are people that specialize in developing malware and ransomware and they're in very high demand you said you've gotten to know some of these people yes are are they mostly young men the leadership are are you know people in their 40s uh late 30s uh they people have got experience the people that have a financial background that dagio says the Russian government provides a safe haven for ransomware gangs as long as they don't Target uh you know an organization that falls within Russia or the former Soviet uh State they they don't get prosecuted it's not considered a crime it's not considered a crime to attack American businesses it's crazy right that's that's how it works though so it's like they operate with impunity 100% that that's the whole reason why this is such a popular crime Russian ransomware has become such a threat the elite cyber Warriors at the National Security Agency have joined the fight before retiring last month Rob Joyce was nsa's director of cyber security he told us the colonial pipeline attack was a wakeup call caused us to step back and decide that we had to put more resources into this foreign threat so one of the things NSA has we have hackers and it really at times takes a hacker to defeat a hacker that's the value NSA can bring is we can identify people specific people involved in some of these activities the NSA helped identify the Russian hacker responsible for the colonial pipeline attack and in January 2022 after months of negotiations Russia arrested him and other accomplice but 5 weeks later it all came undone following the Ukraine Invasion those people were let out of jail so they're back in business yes sir and now they've teamed up with the young native English speakers of scattered spider the FBI's Brian vren calls it an evolution of cyber crime so in the case of scattered f is it powerful that they are with black hat of course I think that it's important to know that we are against a very capable set of adversaries they're very good at their work we're also very good at our work in January the bureau arrested a 19-year-old from Florida Noah Urban charged with stealing cryptocurrency he's pleaded not guilty cyber investigators have tied him to scattered spider but so far not to the Casino heists the scattered spider hackers who did pull off the attack are still online hiding in plain sight in Unholy alliance with Russians Allison Nixon calls Las Vegas a Harbinger the level of cyber crime has risen to the point where it feels overwhelming and every year it gets worse and it feels like as Defenders we're it's almost like we're winning every battle and losing the war

Info

Channel: 60 Minutes

Views: 219,487

Rating: undefined out of 5

Keywords: 60 Minutes, CBS News, cyberattack, cybercrime, russia, ransomware, cbs news, 60 minutes

Id: lEwC1tN2jb8

Channel Id: undefined

Length: 13min 34sec (814 seconds)

Published: Mon Apr 15 2024