Cyber Command Admits Military Has Taken Action Against Ransomware Operators

At least 11 State Dept. employees hacked by Pegasus spyware, Co-founder of Swiss password texting company allegedly sold mobile phone users' location data, Hackers stole $200m from Bitmart, more

General Paul Nakasone, the head of U.S. Cyber Command and the director of the National Security Agency, said that, abandoning its previous hands-off approach, the U.S. military has started taking actions against ransomware groups as part of its surge against organizations launching attacks against American companies.

Without describing the actions the military took, Nakasone said one of the goals of the actions was to “impose costs,” which is the term military officials use to describe punitive cyber operations. However, other officials have said that Cyber Command diverted traffic around servers being used by the Russia-based REvil ransomware group. Cyber Command and the N.S.A. also assisted the F.B.I. and the Justice Department in their efforts to seize and recover much of the cryptocurrency ransom paid by Colonial Pipeline. The first known operation against a ransomware group by Cyber Command came before the 2020 election when officials feared a network of computers known as TrickB…