[Watch in the player above: What to do after a data breach]
CLEVELAND (WJW) — The Federal Bureau of Investigation’s Cleveland office on Monday announced the disruption of a criminal ransomware group which operated using servers and domains in the U.S. and two other countries.
The group Radar/Dispossessor, formed in August 2023, used ransomware in attacks against at least 43 small to mid-sized businesses in 13 countries, according to a Monday news release from the FBI.
Ransomware is malicious software that essentially locks up and holds computer systems hostage until the victim pays a ransom.
The group’s ransomware used a “dual-extortion model,” according to the FBI. It not only encrypted the victims’ data but also copied then removed it from their systems, allowing the group to “re-victimize” their targets by threatening to destroy the data or leak it to the public.
The group identified vulnerable computer systems with weak passwords or a lack of two-factor authentication — a safety measure which requires a second method of login verification like a text message or email.