May 17, 2021

Following pressure from the U.S. government to crack down on cyberattacks, many ransomware groups have announced plans to shut down or scale back operations.

In its latest update, DarkSide a ransomware group accused of carrying out an attack that led to the shutdown of the operation of one of the largest oil companies in the U.S. revealed that it went out of business after it had lost access to some of its servers.

Another well-known gang said they will prohibit encryption attacks on critical infrastructure and forums, in which these ransomware groups recruit members. They also announced that they will prohibit ads related to ransomware.

It was not immediately clear whether the recent decisions of the ransomware groups were a result of diplomatic pressure from the U.S.A., legal requirements on technology providers, or state-sponsored hacking. But, the move will help reverse a trend that has been on the rise in the last two years.

This includes various ransomware groups that target important companies that will pay to resume operations after an attack.

Dmitri Alperovitch, co-founder of CrowdStrike said, “Ransomware criminals are clearly getting nervous with all the heat coming down from U.S. government and industry. Many will likely try to lie low for a few months in hopes that it will pass. The key will be to keep up the pressure on both the criminal gangs themselves as well as the states like Russia that offer them safe haven from prosecution.”

For more information, read the original story in Reuters.