The Justice Department is vowing to systematically track and prosecute ransomware attacks, making the effort to counter the increasingly dangerous and disruptive online assaults on critical services a top priority.
The department will now require federal prosecutors across the country to notify senior officials of any significant new developments in ransomware investigations or when they learn of a new digital extortion attack, according to a directive issued Thursday by Deputy Attorney General
“To ensure we can make necessary connections across national and global cases and investigations, and to allow us to develop a comprehensive picture of the national and economic security threats we face, we must enhance and centralize our internal tracking of investigations and prosecutions of ransomware groups and the infrastructure and networks that allow these threats to persist,” Monaco wrote.
The move is one of the first major efforts by the Biden administration in response to the growing threat of attacks in which hackers disrupt services and demand that companies pay ransom to unfreeze data and computers. Victims have included
U.S. officials have determined that criminal hacking groups behind the attacks were probably operating from Russia.
The U.S. president’s message at the one-on-one meeting in Geneva on June 16 will be that “responsible states do not harbor ransomware criminals, and responsible countries must take decisive action against those ransomware networks,” Psaki said.
Former Defense Secretary
“President Biden has to make very clear that there are lines here that the Russians cannot cross,” added Panetta, who also served as director of the Central Intelligence Agency. “Putin only understands very strong talk.”
Although Panetta didn’t specify what steps could be taken against Russia, he mentioned that the U.S. has developed capabilities to mount offensive cyber operations.
The Russian government has denied knowing about or being involved in the ransomware attacks, a claim that Panetta said he didn’t believe.
“These criminal organizations are operating under the cover of the Russian government, and they’re basically doing what the Russian government supports, which is to undermine the United States of America,” Panetta said.
The new Justice Department directive comes after ransomware attacks have crippled operations of targets including schools, state governments, hospitals and infrastructure. The U.S. Department of Homeland Security conducted a 60-day “sprint” to tackle the attacks. Yet the U.S. has struggled to deter the criminals responsible.
Brazilian-based JBS has partly restarted beef production after a ransomware attack on Sunday forced it to halt operations across the globe. And last month, the biggest pipeline in the U.S., Colonial Pipeline, shut down operations after it was hit with an attack that resulted in gasoline shortages and price increases.
Beyond confronting Putin, the Biden administration also must develop a comprehensive cybersecurity strategy that involves working with the private sector and developing cutting-edge technologies, Panetta said.
He added that it’s “dangerous” for companies to keep paying ransoms to hackers. “If they pay off these ransoms, what they do is they send a signal to these criminal organizations to continue to do what they’re doing,” he said.
--With assistance from
To contact the editors responsible for this story:
Larry Liebert, John Harney
© 2021 Bloomberg L.P. All rights reserved. Used with permission.