The US Department of Justice (DoJ) is elevating ransomware attacks to a similar status at terrorism following the Colonial Pipeline hack.
Reuters reported that US attorney’s offices across the country on Thursday received an internal guidance which explauned that information regarding ransomware investigations in the field should be shared and centrally coordinated with a recently new task force based in Washington.
“It’s a specialised process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain,” said John Carlin, the principal associate deputy attorney general at the DoJ.
The guidance cites the Colonial attack as a prime example of the “growing threat that ransomware and digital extortion pose to the nation.”
“To ensure we can make necessary connections across national and global cases and investigations, and to allow us to develop a comprehensive picture of the national and economic security threats we face, we must enhance and centralize our internal tracking.”
Central notification will now be compulsory for investigations into illicit online forums or marketplaces, anti-virus services, botnets, online money laundering servies and cryptocurrency exchanges.
Carlin explained that the model has been used around terrorism but never with ransomware.
Make sure to register to PrivSec Global and tune into the ”Third Party Risk Management: Cybersecurity Expertise into Board Governance and a Company’s Digital Defense.”
- Israel Rivera, Senior Manager, MBL Technologies
- Anu Kukar, Data & Technology Risk - Thougt Leader
23 June 7am BST | 8am CEST | 2pm HK