[BreachExchange] Justice Dept. to give ransomware attacks same priority as terrorism

[Sophia Kingsbury]

https://thehill.com/policy/national-security/556739-justice-dept-to-give-ransomware-attacks-same-priority-as-terrorism?rl=1

The Justice Department announced this week that it will begin elevating
ransomware investigations to a similar level of priority as terrorist
attacks.

John Carlin, the acting deputy attorney general at the Justice Department,
told Reuters on Thursday that the federal government will prioritize
ransomware cases through a new process.

"It's a specialized process to ensure we track all ransomware cases
regardless of where it may be referred in this country, so you can make the
connections between actors and work your way up to disrupt the whole
chain," he said.

According to Reuters, guidance to U.S. attorney's offices nationwide on
Thursday advised that all information regarding any ransomware cases be
sent to a recently formed task force based in Washington, D.C.

The Hill has reached out to the Justice Department for comment.

The move follows a ransomware attack against Colonial Pipeline and other
entities in the U.S. in recent weeks.

Colonial Pipeline, which provides roughly 45 percent of the fuel consumed
on the East Coast, faced a cyberattack last month that left many states in
the southeast with gasoline shortages.

A cyber criminal group that federal authorities traced to Russia was able
to infiltrate Colonial Pipeline's systems and demand a ransom. The company
paid the hackers $4.4 million in order to have control of the systems
returned to them.

"To ensure we can make necessary connections across national and global
cases and investigations, and to allow us to develop a comprehensive
picture of the national and economic security threats we face, we must
enhance and centralize our internal tracking," read the federal guidance
obtained by Reuters.

Carlin told the news outlet that officials have "used this model around
terrorism before but never with ransomware," saying it reflected how the
federal government is further prioritizing such attacks.

U.S. attorney’s offices operating under the new guidance will be required
to share updated ransomware attack case details as well as active technical
information with the Justice Department.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210604/46b9c991/attachment.html>