In the aftermath of the Colonial Pipeline hack and the increasing damage done by cybercriminals, the U.S. Department of Justice is intensifying investigations into ransomware assaults to the same level of severity as terrorism, according to a senior department official, as Reuters notes.
Internal instructions provided to U.S. prosecutors across the country on Thursday said that information about ransomware investigations in the field will be coordinated centrally with a newly formed task force in Washington.
John Carlin, principle associate deputy attorney general at the Justice Department stated, “It’s a specialized process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain”.
Last month, a cybercriminal organization operating from Russia penetrated the system of pipeline operator East Coast, locked its systems, and demanded a ransom, according to U.S. authorities. The intrusion led to an outage lasting several days, a jump in gasoline prices, panic buying, and localized fuel shortages in the Southeast.
The scenario changed following the attack on the Colonial Pipeline
Colonial Pipeline opted to pay the hackers who broke into its computers about $5 million to restore access, the company said. Colonial is expressly mentioned in the DOJ advisory as an example of the increasing threat that ransomware and digital extortion pose to the nation.
According to US authorities, the decision by Justice Department, to include ransomware in this unique process shows how the issue is prioritized. In effect, this means that investigators in U.S. Attorney’s Offices dealing with ransomware attacks are required to share both current case files and active technical information with officials in Washington. The directive also suggests offices consider and include other investigations that focus on the larger cybercrime ecosystem.