Intel Leads to Dismantling of Ransomware Gang After HSE Attack

August 8, 2025 Ahmed Hassan - World News Editor World

#⁣ International‌ Operation Dismantles BlackSuit Ransomware group Linked to ‍Irish ⁣Health Service Attack

A major ⁢international ⁤law enforcement operation led by US Immigration and Customs Enforcement (Ice)‌ has dismantled the⁣ BlackSuit ransomware group, a cybercriminal organization linked to the devastating 2021 attack on Ireland’s health service. The attack, which was​ the largest attack on a health system in history, shut down thousands of​ systems ⁤across ⁢the country and cost almost €55 million to repair.

## Garda Intelligence Key to‍ Operation’s Success

In the​ wake of the 2021 attack, specialist Gardaí meticulously gathered⁢ intelligence on the Conti gang – the precursor to BlackSuit – and their operational tactics. This intelligence was then shared with international partners and directly contributed to the recent American-led‌ operation.

“This facts directly led to​ the American-led operation,” a source confirmed.

The ‍operation ​targeted an international network responsible for numerous⁤ serious ransomware attacks​ worldwide.⁢ It resulted in the seizure and takedown of⁢ critical ‌infrastructure used by the BlackSuit group, described by Ice as a “major cybercriminal‌ operation.”

## Infrastructure ⁣Seized: Dark Web Sites and ⁣Negotiation Platforms

the⁣ seized infrastructure ⁢included servers, domains, and digital ⁤assets ⁢used for deploying ransomware, extorting⁢ victims, and⁤ laundering illicit funds. ⁢Crucially, the takedown included a dark web leaks⁣ page – a⁢ site where data stolen from victims who refuse to ‌pay ransoms is published – and a victim negotiation site used by the ransomware gangs to ⁢communicate with and‌ demand ‌payment from their targets.

## ⁣From‌ conti ‍to BlackSuit: A ‍History of Cybercrime

The BlackSuit ransomware group emerged in ⁤2023 as a rebranding of the Royal Ransomware‍ Group, which ​itself originated from ​the ⁤notorious Conti Ransomware Group. Gardaí ‌state that the Conti group was⁤ “responsible for a number of serious ‌ransomware attacks⁢ internationally.”

Sence 2022, the ‌Royal and BlackSuit groups have⁤ compromised over 450⁣ known victims in the US, spanning critical sectors including⁢ healthcare, education, public safety, energy, and government. ‌ These attacks have generated over $370 million (€317.2 million)⁢ in ransom payments,based on current cryptocurrency valuations.

## International Collaboration and Ongoing Efforts

The case is being prosecuted ​by the US Attorney’s‌ Office for the⁣ Eastern District ⁢of⁢ Virginia, with continued collaboration from international partners​ to ensure accountability. ⁣

The operation involved a broad coalition ⁢of agencies, including the‍ US Department of Homeland Security, ⁢the US Secret​ Service, Europol, Dutch‍ police, German⁤ police, the UK National Crime Agency, and the Ukrainian Cyber Police, alongside assistance from “private partners.”

Angela Willis,​ Assistant Commissioner for Organised and ‌Serious Crime at An Garda Síochána, emphasized the ongoing commitment to combating cybercrime. “An Garda Síochána will continue to work‌ with international partners to identify, target​ and disrupt organised crime groups ⁣involved in cybercrime,” she stated. “Our work‍ to date…will ⁣continue as part ⁤of our ongoing effort to keep people ‌safe both on⁢ and‍ offline.”

, ,