INDIANAPOLIS — Federal agencies say they just put a big dent in a big crime affecting people around the world and right here in Indiana.
The Department of Justice announced it has taken down one of the most destructive ransomware groups in the world.
Ransomware groups are described as "modern-day bank robbers," who have attacked hospital systems, schools, governments and businesses.
And it's a kind of crime that's been growing for years.
"We were actually attacked," Steve Long said.
We first introduced you to Long in 2019. The president of Hancock Regional Health had never imagined finding himself in the middle of a cyber warzone.
"I get this call from our administrator on call and he said, 'Hey there's something weird on a computer in the lab,'" Long said.
Criminals had hacked into the hospital's IT system and locked out everyone from some of their most critical information. The hackers demanded a ransom be paid to get it back.
Since then, ransomware attacks like that have become an epidemic, with local governments, schools and businesses sending their attackers a record $1 billion last year alone. But this week, law enforcement officials in the U.S. and the U.K. announced a big break in the battle.
LockBit, one of the most active ransomware groups in the world, is alleged to have targeted more than 2,000 victims, extorting $120 million.
According to the federal indictment, the cybercriminals deployed ransomware beginning in 2021 against manufacturing, logistics, insurance and other companies around the world in the United States, including Indiana.
"This is a pretty big deal," said Scott Shackleford, of Indiana University's Kelley School of Business. "LockBit has been one of the most malicious ransomware variants of recent years. The problem with these type of things is this can become a game of global 'Whac-A-Mole.' Even though this network has taken down today, there's no reason it can't be reorganized and pop up again somewhere else tomorrow, potentially with an even more damaging variant."
So far, five people have been charged, and investigators say there could be more. The DOJ says these takedowns would not be possible without victims coming forward and reporting a ransomware attack. If it happens to you or your business, contact the FBI.