Today (January 27, 2021) was a BIG win for law enforcement in their efforts to combat cyber crime. U.S. and European law enforcement agencies announced today that through join efforts and cooperation on “Operation Ladybird,” computer servers and the infrastructure that has been used by criminals behind Emotet to victimize individuals and organizations through phishing schemes and distributing vicious strains of ransomware such as Ryuk were seized and are now out of the control of the cyber criminals. Emotet has been described as a cybercrime-as-a-service program because it is a pay-per-install botnet.
According to reports, Emotet has been used by criminals to defraud victims of millions of dollars through extortion and data theft, and the U.S. Department of Homeland Security has estimated that it has cost U.S. state and local governments up to $1 million per incident following an Emotet infection. Investigators have estimated that more than one million Microsoft Windows systems are currently affected by Emotet infections, so the take down is particularly important for those already infected systems.
According to Europol, “The Emotet infrastructure essentially acted as a primary door opener for computer systems on a global scale.”
This win doesn’t mean that the criminals behind Emotet can’t rebuild and continue to wreak havoc in the future, but slowing them down a bit is helpful in combatting cyber crime and the protection of individuals and companies’ data.