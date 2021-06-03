Live
Economy|Cybercrime

US to give ransomware hacks similar priority as terrorism: Report

The move by the Department of Justice, which was reported on Thursday by Reuters news agency, would come on the heels of the Colonial Pipeline hack, which disrupted gas deliveries along the east coast of the United States.

The United States Justice Department's decision to push ransomware into this special process shows the level of attention the issue is warranting, officials familiar with the matter told Reuters news agency [File: Andrew Kelly/Reuters]
The United States Justice Department's decision to push ransomware into this special process shows the level of attention the issue is warranting, officials familiar with the matter told Reuters news agency [File: Andrew Kelly/Reuters]
3 Jun 2021

The United States Department of Justice (DOJ) is elevating investigations of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cybercriminals, a senior department official told the Reuters news agency.

Internal guidance sent on Thursday to US Attorney’s Offices across the country said information about ransomware investigations in the field should be centrally coordinated with a recently created task force in Washington.

“It’s a specialized process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain,” said John Carlin, principal associate deputy attorney general at the Justice Department.

Last month, a cybercriminal group that the US authorities said operates from Russia, penetrated the pipeline operator on the US East Coast, locking its systems and demanding a ransom. The hack caused a shutdown lasting several days, led to a spike in gas prices, panic buying and localised fuel shortages in the southeast.

Colonial Pipeline decided to pay the hackers who invaded their systems nearly $5m to regain access, the company said.

The DOJ guidance specifically refers to Colonial as an example of the “growing threat that ransomware and digital extortion pose to the nation”.

“To ensure we can make necessary connections across national and global cases and investigations, and to allow us to develop a comprehensive picture of the national and economic security threats we face, we must enhance and centralize our internal tracking,” said the guidance seen by Reuters and previously unreported.

The Justice Department’s decision to push ransomware into this special process illustrates how the issue is being prioritised, US officials said.

“We’ve used this model around terrorism before but never with ransomware,” said Carlin. The process has typically been reserved for a short list of topics, including national security cases, legal experts said.

In practice, it means that investigators in US Attorney’s Offices handling ransomware attacks will be expected to share both updated case details and active technical information with leaders in Washington.

The guidance also asks the offices to look at and include other investigations focused on the larger cybercrime ecosystem.

According to the guidance, the list of investigations that now require central notification include cases involving: counter anti-virus services, illicit online forums or marketplaces, cryptocurrency exchanges, bulletproof hosting services, botnets and online money laundering services.

Bulletproof hosting services refer to opaque internet infrastructure registration services which help cybercriminals anonymously conduct intrusions.

A botnet is a group of compromised internet-connected devices that can be manipulated to cause digital havoc. Hackers build, buy and rent out botnets in order to conduct cybercrimes ranging from advertising fraud to large cyberattacks.

“We really want to make sure prosecutors and criminal investigators report and are tracking … cryptocurrency exchanges, illicit online forums or marketplaces where people are selling hacking tools, network access credentials – going after the botnets that serve multiple purposes,” said Carlin.

Mark Califano, a former US attorney and cybercrime expert, said the “heightened reporting could allow DOJ to more effectively deploy resources” and to “identify common exploits” used by cybercriminals.

Source: Reuters

Related

More from Economy

Biden blocks 59 Chinese companies in amended Trump order

United States President Joe Biden’s order is largely a continuation of a policy issued by former President Donald Trump that was challenged in court and confused investors about the extent of its reach to subsidiaries of blocked companies [File: Andrew Harnik/AP Photo]

Turkey’s lira hits new low as investors lose faith

Turkey&#39;s currency has tumbled 17 percent since mid-March, when President Recep Tayyip Erdogan, long a critic of high interest rates, ousted a hawkish and well-respected central bank chief [File: Murad Sezer/Reuters]

Lebanon’s central bank U-turns after dollar withdrawal backlash

Demonstrations broke out on Wednesday after Lebanon&#39;s central bank said it would stop bank withdrawals from dollar accounts at a low fixed rate [File: Mohamed Azakir/Reuters]

Jobs vs heritage: The battle over Amazon’s new Africa HQ

Contested land earmarked for a development, which includes a new Africa headquarters for United States retail giant Amazon, is seen alongside the Liesbeek River in Cape Town, South Africa [Mike Hutchings/Reuters]
Most Read

Buckingham Palace ‘banned’ ethnic minorities from office jobs

Documents obtained by The Guardian also revealed Queen Elizabeth II has been exempt from race and gender equality laws for more than four decades since their introduction in the UK in the 1970s [Steve Parsons/PA Wire/Pool via Reuters]
OPINION

Netanyahu’s Netanyahus take charge in Israel

Top (left to right): Opposition leader Yair Lapid, former defence minister Naftali Bennett, former interior minister Gideon Saar, former defence minister Avigdor Lieberman. Bottom (left to right) politician Nitzan Horowitz, alternate Prime Minister Benny Gantz, head of United Arab List Mansour Abbas, leader of the Labor Party Merav Michaeli. Lapid informed President Reuben Rivlin he had mustered enough support to achieve a government of &#39;change&#39; that may signal the end of Benjamin Netanyahu&#39;s leadership and two years of political crisis [File: AFP]

France halts joint army operations with Malian forces over coup

France has about 5,100 soldiers in the region under its so-called Operation Barkhane which spans five countries in the Sahel – Burkina Faso, Chad, Mali, Mauritania and Niger [File: Benoit Tessier/Reuters]

‘No difference’: Palestinians react to Israeli coalition deal

Yamina party leader Naftali Bennett, left, speaks to Yesh Atid party leader Yair Lapid during a special session of the Knesset [Ronen Zvulun/Pool/Photo/AP]