The US Department of Justice says Maksim Berezan, a 37-year-old from Estonia, took part in at least 13 ransomware attacks, including seven against American businesses, which cost victims over $53 million in losses. Berezan was an active member of an online forum designed for Russian-speaking cyber criminals to gather and exchange their criminal knowledge, tools, and services, the DoJ said. SEE: Cybersecurity: Let’s get tactical (ZDNet special report) Berezan was arrested in Latvia in November 2020 and extradited to the US where he pleaded guilty in April 2021 to conspiracy to commit wire fraud affecting a financial institution and conspiracy to commit access device fraud and computer intrusions. Following his arrest, police searched Berezan, investigated his computers and found evidence of his involvement in ransomware attacks, with $11 million in ransom payments flowing through cryptocurrency wallets he owned. According to court documents, he used the money made from cybercrime to buy two Porsches and a Ducati motorcycle, along with an assortment of jewelry. Authorities confiscated $200,000 in cash from Berezan’s home, along with cryptocurrency wallets holding $1.7 million in Bitcoin. The Eastern District of Virginia sentenced Berezan to 66 months in prison and he’s been ordered to pay $36 million in restitution. “Ransomware thieves are not safe in any dark corner of the internet in which they may think they can hide from our highly trained investigators and law enforcement partners worldwide,” said special agent in charge Matthew Stohler of the US Secret Service. “Together with our critical partners we are dedicated to protecting the public and securing every iteration of our money and every part of our national financial infrastructure.” The US Department of Justice worked with the Latvian State Police and Estonian Police to help obtain the conviction. “Cybercrime has become increasingly more sophisticated, but so have our methods for combatting it,” said US Attorney Jessica D. Aber for the Eastern District of Virginia. “Ransomware attacks are devastating to people and organizations alike, and we have honed our strategies and techniques to target both the individual actors who perpetrate these attacks and the networks that support them,” she added.
MORE ON CYBERSECURITY
This is how fast a ransomware attack encrypts all your filesThis company was hit with ransomware, but didn’t have to pay up. Here’s how they did itWant to boost your cybersecurity? Here are 10 steps to improve your defences nowThis is what happens when two ransomware gangs hack the same target - at the same timeThe ransomware threat is getting worse. But businesses still aren’t taking it seriously