Another $10M Reward to Catch a Hospital Cyber Threat

May 08, 2024

The federal government announced a $10 million reward this week for information leading to the arrest of a Russian national charged with stealing more than $100 million in ransomware payments from hospitals, schools, and other critical infrastructure organizations.

Yesterday, the Justice Department unsealed charges against Dimitry Yuryevich Khoroshev, who is accused of conceiving, developing administering “the most prolific ransomware variant” from the biggest ransomware group in the world, federal officials said.

“Today’s indictment of LockBit developer and operator Dimitry Yuryevich Khoroshev continues the FBI’s ongoing disruption of the LockBit criminal ecosystem,” FBI Director Christopher Wray said in a statement. “The LockBit ransomware group represented one of the most prolific ransomware variants across the globe, causing billions of dollars in losses and wreaking havoc on critical infrastructure, including schools and hospitals.”

Here’s what you need to know:

• Background:  From 2019 through 2024, LockBit has attacked more than 2,500 victims in at least 120 countries, including 1,800 victims in the United States, federal officials said.
  • Victims include hospitals, schools, small businesses, and other critical infrastructure and government agencies.
• About:  LockBit is a “ransomware-as-a-service-model” in which ransomware tools and codes are leased out to preparators, federal officials said.
• Taking action:  During February, a joint international effort reportedly disrupted the ransomware group, as law enforcement seized public-facing websites used by LockBit to connect to the organization’s infrastructure and seized control of servers used by the organization.
• Federal investigation:  Six LockBit members have now been charged for their alleged participation in the group.
• What to do:  Victims of LockBit should contact the FBI online for more information.

“The charges announced today reflect the FBI’s unyielding commitment to disrupting ransomware organizations and holding the perpetrators accountable,” Wray said.

The news follows another $10 million reward from the federal government to anyone with information about the Change Healthcare cyberattack.

HAP continues to monitor the latest cybersecurity developments and provide updates to members. For more information, contact Jason Tomashunas, MS, CHEP, manager, emergency management.