The U.S. Department of Justice has given investigations into cyber ransomware attacks the same priority as those related to terrorist activities. The recent hacking of Colonial Pipeline’s system was a trigger of sorts.
Reuters reports that orders sent out to district attorneys across the country specify that investigations related to cyber extortion must be coordinated with a task force recently created in Washington.
According to Justice Department spokesman John Carlin, the special work order is designed to establish links between cyber extortionists operating across the country and find a way to break the entire criminal chain.
According to U.S. authorities, last month a criminal group infiltrated the information system of one of the largest pipeline operators in the United States, blocking data and disrupting equipment. This caused skyrocketing gasoline prices, panic buying by citizens in large quantities and local shortages of fuel and lubricants in the southeastern United States. The attack was attributed to hackers operating from the territory of Russia. In order to restore access to the systems, Colonial Pipeline decided to pay the criminals $5 million.
“To make the necessary connections between national and global incidents and investigations for certain, and to allow us to develop a comprehensive picture of threats to our national and economic security, we must expand and centralize our domestic tracking systems,” according to the Justice Department.
Carlin said the terrorist investigation model has been used by law enforcement before, but never for cyber extortionists. Usually such a scheme has been resorted to in cases involving other national security issues.
The field is now required to send timely and regular investigative reports to Washington. The instruction also requires officials to track and report on other investigations related to the cybercrime ecosystem. It mandates that information be sent about attempts to circumvent antivirus services, illegal forums and marketplaces, cryptocurrency exchanges, hosting services for criminals to operate anonymously, botnets and online money-laundering services.
According to cybersecurity expert and former federal prosecutor Mark Califano, “Enhanced reporting could allow the Department of Justice to use resources more efficiently” and “identify common vulnerabilities” used by cybercriminals.