Ransomware Attacks to Get Similar Priority as Terrorism in US, Official Says

Information on ransomware investigations in the field will be centrally coordinated with a recently created task force in Washington.

Ransomware Attacks to Get Similar Priority as Terrorism in US, Official Says

DOJ's decision to push ransomware into the special process illustrates how the issue is being prioritised

Highlights
  • DOJ guidance specifically refers to Colonial as example of growing threat
  • A botnet is a group of compromised Internet-connected devices
  • Hackers build, buy, and rent out botnets in order to conduct cyber crimes
Advertisement

The US Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cyber criminals, a senior department official told Reuters.

Internal guidance sent on Thursday to US attorney's offices across the country said information about ransomware investigations in the field should be centrally coordinated with a recently created task force in Washington.

"It's a specialised process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain," said John Carlin, principle associate deputy attorney general at the Justice Department.

Last month, a cyber criminal group that the US authorities said operates from Russia, penetrated the pipeline operator on the US East Coast, locking its systems and demanding a ransom. The hack caused a shutdown lasting several days, led to a spike in gas prices, panic buying and localised fuel shortages in the southeast.

Colonial Pipeline decided to pay the hackers who invaded their systems nearly $5 million (roughly Rs. 36 crores) to regain access, the company said.

The DOJ guidance specifically refers to Colonial as an example of the "growing threat that ransomware and digital extortion pose to the nation."

"To ensure we can make necessary connections across national and global cases and investigations, and to allow us to develop a comprehensive picture of the national and economic security threats we face, we must enhance and centralise our internal tracking," said the guidance seen by Reuters and previously unreported.

The Justice Department's decision to push ransomware into this special process illustrates how the issue is being prioritised, US officials said.

"We've used this model around terrorism before but never with ransomware," said Carlin. The process has typically been reserved for a short list of topics, including national security cases, legal experts said.

In practice, it means that investigators in US attorney's offices handling ransomware attacks will be expected to share both updated case details and active technical information with leaders in Washington.

The guidance also asks the offices to look at and include other investigations focused on the larger cybercrime ecosystem.

According to the guidance, the list of investigations that now require central notification include cases involving: counter anti-virus services, illicit online forums or marketplaces, cryptocurrency exchanges, bulletproof hosting services, botnets, and online money laundering services.

Bulletproof hosting services refer to opaque Internet infrastructure registration services which help cyber criminals to anonymously conduct intrusions.

A botnet is a group of compromised Internet-connected devices that can be manipulated to cause digital havoc. Hackers build, buy, and rent out botnets in order to conduct cyber crimes ranging from advertising fraud to large cyberattacks.

"We really want to make sure prosecutors and criminal investigators report and are tracking ... cryptocurrency exchanges, illicit online forums or marketplaces where people are selling hacking tools, network access credentials - going after the botnets that serve multiple purposes," said Carlin.

Mark Califano, a former US attorney and cybercrime expert, said the "heightened reporting could allow DOJ to more effectively deploy resources" and to "identify common exploits" used by cybercriminals.

© Thomson Reuters 2021
 


It's an all television spectacular this week on Orbital, the Gadgets 360 podcast, as we discuss 8K, screen sizes, QLED and mini-LED panels — and offer some buying advice. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Money Heist Season 5 First Look Photos Tease the End of the Spanish Hit Series
Google Pixel Buds A-Series TWS Earphones With 12mm Dynamic Drivers, Hands-Free Google Assistant Launched
Share on Facebook Gadgets360 Twitter Share Tweet Snapchat Share Reddit Comment google-newsGoogle News
 
 

Advertisement

Follow Us

Advertisement

© Copyright Red Pixels Ventures Limited 2024. All rights reserved.
Trending Products »
Latest Tech News »