January 27, 2021, was a BIG win for law enforcement in the efforts to combat cybercrime. U.S. and European law enforcement agencies announced that through joint efforts and cooperation on “Operation Ladybird,” computer servers and the infrastructure that has been used by the criminals behind Emotet to victimize individuals and organizations through phishing schemes and distributing vicious strains of ransomware such as Ryuk were seized and are now out of the control of the cybercriminals. Emotet has been described as a cybercrime-as-a-service program because it is a pay-per-install botnet.
According to reports, Emotet has been used by criminals to defraud victims of millions of dollars through extortion and data theft, and the U.S. Department of Homeland Security has estimated that it has cost U.S. state and local governments up to $1 million per incident following an Emotet infection. Investigators have estimated that more than one million Microsoft Windows systems are currently affected by Emotet infections, so the take down is particularly important for those already-infected systems.
According to Europol, “The Emotet infrastructure essentially acted as a primary door opener for computer systems on a global scale.”
This win doesn’t mean that the criminals behind Emotet can’t rebuild and continue to wreak havoc in the future, but slowing them down a bit is helpful in combatting cybercrime and the protection of individuals’ and companies’ data.