Leaked internal messages have exposed the inner workings and stark moral disagreements within Conti, one of the world's most prolific ransomware gangs, which brought chaos to British businesses and public services. Thousands of secret communications were made public after a group of Conti members leaked over 300,000 messages in 2022, following the Russian invasion of Ukraine.
The leak has shed light on the gang's methods and targets, with Conti reportedly making an estimated £180 million from extorting millions of pounds from organisations in 2021. British entities among its victims include Redcar and Cleveland Borough Council and luxury jeweller Graff. The leaked chats have also revealed contentious discussions around targeting healthcare institutions, with some members advocating for attacks that could lead to panic and death.
A particularly devastating attack occurred in May 2021 on the Irish Health Service Executive (HSE), which brought nearly all hospitals and healthcare facilities in Ireland to a standstill. Oncologist Seamus O'Reilly recounted the disruption at Cork University Hospital, where screens went blank, and access to patient data was lost. The hackers demanded £14 million to restore services, leaving patients like Donna-Marie Cullen, undergoing cancer treatment, fearing for their lives.
The internal discussions revealed a shocking lack of empathy from some members, with one individual identified as 'Target' expressing delight at the potential for panic and death. However, not all members shared this approach; messages show some expressed strong reservations about attacking maternity hospitals, questioning the founder's approval for such an action and offering to provide a decryptor if it was unauthorised.
The leak has provided an unparalleled understanding of Conti's operations, according to Joe Wrieden, cyber threat intelligence leader at Cyjax. The sheer volume of information obtained from the leaked messages is likely to have significant implications for law enforcement agencies and cybersecurity professionals worldwide.