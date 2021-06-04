The United States Department of Justice raised investigations into ransomware attacks to a similar priority to terrorism a, as a result of the attack on the Colonial Pipeline and the increasing damage caused by cybercriminals, as confirmed to the news agency Reuters a senior official in the department.

A directive sent Thursday to the US attorney’s offices across the country said information on ransomware investigations in the field should be coordinated centrally with a newly created task force in Washington.

“It is a specialized process to make sure that we track all cases of ransomware, regardless of where it may lead in this country, so that I can make connections between the players and move forward to disrupt the entire chain, “said John Carlin, Senior Deputy Assistant Attorney General for the Department of Justice.

Last month, a group of cybercriminals who US authorities say operates from Russia broke into the pipeline operator on the US East Coast, locked its systems and demanded a ransom. The attack caused a shutdown that lasted several days, caused a spike in gasoline prices, panic buying and localized fuel shortages in the Southeast.

Colonial Pipeline, the hacked pipeline. AP Photo

Colonial Pipeline decided to pay hackers who almost $ 5 million invaded their systems to regain access, the company said.

The Justice Department specifically refers to this case as an example of the “growing threat that ransomware and digital extortion pose to the nation.”

“To ensure that we can make the necessary connections between national and global cases and investigations, and to enable us to develop a comprehensive picture of national security threats and economic we face, we must improve and centralize our internal monitoring “, they explained.

An increasingly frequent problem



JBS, a meat supplier, was also hacked. AFP

The Justice Department’s decision to introduce ransomware into this special process illustrates how the problem is prioritizedUS officials said.

“We have used this model around terrorism before, but never with ransomware,” Carlin said. The process has typically been reserved for a short list of topics, including national security cases, legal experts said.

In practice, it means that investigators at the US attorney’s offices handling ransomware attacks are expected to share both up-to-date details of the case and technical information. active with leaders in Washington.

The communication also asks the offices to examine and include other investigations focused on the broader ecosystem of cybercrime.

The list of investigations that now require central notification includes cases involving: antivirus services, illicit online forums or marketplaces, cryptocurrency exchanges, bulletproof hosting services, botnets and online money laundering services.

“Bulletproof” hosting services refer to opaque Internet infrastructure logging services that help cybercriminals perform intrusions anonymously.

A botnet it’s a group of compromised internet-connected devices that can be manipulated to wreak digital havoc. Cybercriminals build, buy and rent botnets to commit cyber crimes ranging from ad fraud to major cyberattacks.

“We really want to make sure prosecutors and criminal investigators report and are tracking … illicit cryptocurrency exchanges, forums, or online marketplaces where people sells hacking tools, network access credentials, chasing botnets that serve multiple purposes, “Carlin said.

Mark Califano, a former US attorney and cybercrime expert, said “increased reporting could allow the Justice Department to deploy resources more effectively” and “identify common vulnerabilities” used by cybercriminals.

With information from Reuters.

