Bloomberg Law
June 3, 2021, 8:27 PM

Ransomware Targeted by Justice Department as Attacks Flourish

Chris Strohm
Chris Strohm
Bloomberg News
David Westin
David Westin
Bloomberg News

The Justice Department is vowing to systematically track and prosecute ransomware attacks, making the effort to counter the increasingly dangerous and disruptive online assaults on critical services a top priority.

The department will now require federal prosecutors across the country to notify senior officials of any significant new developments in ransomware investigations or when they learn of a new digital extortion attack, according to a directive issued Thursday by Deputy Attorney General Lisa Monaco.

“To ensure we can make necessary connections across national and global cases and investigations, and to allow us to develop a comprehensive picture of the national and economic security threats we face, we must enhance and centralize our internal tracking of investigations and prosecutions of ransomware groups and the infrastructure and networks that allow these threats to persist,” Monaco wrote.

The move is one of the first major efforts by the Biden administration in response to the growing threat of attacks in which hackers disrupt services and demand that companies pay ransom to unfreeze data and computers. Victims have included Colonial Pipeline Co. and JBS SA, the world’s largest meat processor.

U.S. officials have determined that criminal hacking groups behind the attacks were probably operating from Russia.

Read More: Russia-Linked Group Behind JBS Attack Revels in ‘Audaciousness’

President Joe Biden will press President Vladimir Putin at their meeting this month to crack down on the groups, White House Press Secretary Jen Psaki said Thursday.

The U.S. president’s message at the one-on-one meeting in Geneva on June 16 will be that “responsible states do not harbor ransomware criminals, and responsible countries must take decisive action against those ransomware networks,” Psaki said.

Former Defense Secretary Leon Panetta said Thursday that Biden’s message needs to be clear and definitive: “You continue to do this, you will pay a price. Period,” Panetta said in an interview on Bloomberg Television’s “Balance of Power” program.

“President Biden has to make very clear that there are lines here that the Russians cannot cross,” added Panetta, who also served as director of the Central Intelligence Agency. “Putin only understands very strong talk.”

Although Panetta didn’t specify what steps could be taken against Russia, he mentioned that the U.S. has developed capabilities to mount offensive cyber operations.

Read More: JBS Starts to Open Most Meat Plants Sidelined by Cyberattack

The Russian government has denied knowing about or being involved in the ransomware attacks, a claim that Panetta said he didn’t believe.

“These criminal organizations are operating under the cover of the Russian government, and they’re basically doing what the Russian government supports, which is to undermine the United States of America,” Panetta said.

The new Justice Department directive comes after ransomware attacks have crippled operations of targets including schools, state governments, hospitals and infrastructure. The U.S. Department of Homeland Security conducted a 60-day “sprint” to tackle the attacks. Yet the U.S. has struggled to deter the criminals responsible.

Brazilian-based JBS has partly restarted beef production after a ransomware attack on Sunday forced it to halt operations across the globe. And last month, the biggest pipeline in the U.S., Colonial Pipeline, shut down operations after it was hit with an attack that resulted in gasoline shortages and price increases.

Beyond confronting Putin, the Biden administration also must develop a comprehensive cybersecurity strategy that involves working with the private sector and developing cutting-edge technologies, Panetta said.

He added that it’s “dangerous” for companies to keep paying ransoms to hackers. “If they pay off these ransoms, what they do is they send a signal to these criminal organizations to continue to do what they’re doing,” he said.

--With assistance from Justin Sink and Jennifer Epstein.

To contact the reporters on this story:
Chris Strohm in Washington at;
Alyza Sebenius in Washington at;
David Westin in New York at

To contact the editors responsible for this story:
Bill Faries at

Larry Liebert, John Harney

© 2021 Bloomberg L.P. All rights reserved. Used with permission.