US Department of Justice conducts cyber crackdown, Telecom News, ET Telecom

Deputy Attorney General Lisa Monaco speaks with The Associated Press in an interview with the Justice Department in Washington on Tuesday, November 2, 2021. Monaco told the PA the public should expect to see more of arrests and law enforcement actions as the Department of Justice. addresses the threat of ransomware. (AP Photo / Manuel Balce Ceneta)

By Eric Tucker

WASHINGTON: Justice Department steps up action to tackle ransomware and cybercrime through arrests and other actions, its No.2 official told The Associated Press, as Biden administration steps up its response to what it sees as an urgent threat to economic and national security.

Deputy Attorney General Lisa Monaco said that “in the days and weeks to come you are going to see more arrests”, more hacker ransom seizures and other law enforcement operations.

“If you come for us, we will come for you,” Monaco said in an interview with the AP this week. She declined to give details on who in particular could be prosecuted.

The actions aim to build on actions taken in recent months, including the recent extradition to the United States of a suspected Russian cybercriminal and the seizure in June of $ 2.3 million in cryptocurrency paid to hackers. They come as the United States continues to suffer what Monaco has called a “constant drumbeat” despite warnings from President Joe Biden last summer to his Russian counterpart Vladimir Putin after a string of lucrative attacks linked to Russian-based hacking gangs.

“We haven’t seen any significant change in the landscape. Only time will tell what Russia can do on this front,” Monaco said.

Another official, Cyber ​​National Director Chris Inglis, painted a rosier picture, telling lawmakers on Wednesday that the United States had seen a “noticeable decrease” in attacks emanating from Russia but was too early to say why.

But Monaco added: “We are not going to stop. We will continue to push for those who seek to attack our industries, take their data hostage and threaten economic, national and personal security.”

Monaco has been a longtime mainstay of law enforcement in Washington, having served as an advisor to Robert Mueller when he was director of the FBI and head of the Department of Justice’s national security division. She was a White House official in 2014 when the Justice Department filed a one-of-a-kind indictment against Chinese government hackers.

Monaco’s current position, with oversight from the FBI and other components of the Justice Department, has made it a key player in the US government’s efforts against ransomware. This fight has defied easy solutions given the sheer volume of high-value attacks and the ease with which hackers have penetrated private businesses and government agencies. The lasting impact of the latest actions is also unclear.

While not a new phenomenon, ransomware attacks – in which hackers block and encrypt data and demand often exorbitant sums to hand it over to victims – exploded last year with violations affecting critical infrastructure and global businesses.

Colonial Pipeline, which supplies about half of the fuel consumed on the East Coast, paid more than $ 4 million after an attack in May that led to it shutting down operations, although the Department of Justice has recovered the majority by accessing the culprit’s cryptocurrency wallet, known as DarkSide. The public should expect to see more such foreclosures, Monaco said.

JBS, the world’s largest meat processor, paid $ 11 million in June following a hack by a Russian group known as REvil, which weeks later led what is believed as the biggest ransomware attack on record – in large part through companies that remotely manage IT infrastructure for multiple customers.

The explosive attacks elevated ransomware as an urgent national security priority as the administration worked to contain the attack.

Officials within the Department of Justice in April formed a ransomware task force of prosecutors and agents, and asked U.S. prosecutors’ offices to report ransomware cases in Washington just as they do. would do for terrorist attacks.

He also attempted prosecution, extraditing from South Korea last month an accused Russian hacker, Vladimir Dunaev, who prosecutors say participated in a cybergang whose malware – “Trickbot” – infected millions of people. computers.

“You are going to see more action as you saw last week in the days and weeks to come,” Monaco said.

Yet holding foreign hackers accountable in the United States is notoriously difficult, and ransomware gangs abound. Even though the recent attacks did not generate the same publicity as those of last spring, Monaco said there had been no noticeable change in the behavior of opportunistic hackers still targeting a range of industries with attacks that threaten to cripple crucial business operations – or force millions of dollars into payments.

Monaco said she was sensitive to the tough decisions businesses must make, in part because she has had experience dealing with criminals’ monetary demands.

As Homeland Security and Counterterrorism Advisor in the Obama administration, she helped shape policy on Americans held hostage abroad. The policy reiterated that ransom payments for hostages were discouraged and illegal, but also made it clear that prosecutors had no intention of prosecuting families who made such payments.

“What this reflected, and quite frankly what the whole effort reflected, was Lisa’s feeling that this was an area where you needed an extraordinary balance between politics and humanity.” said Joshua Geltzer, deputy homeland security adviser to Administrator Biden who worked with Monaco at the Obama White House.

The US government has publicly discouraged ransomware payments, but Monaco – which during the Obama administration was criticized by hostage families over the government’s response to their plight – says the administration is trying to listen and work with the victim companies.

Officials have shown no interest in prosecuting companies that pay hackers a ransom, although Monaco announced last month that the department was ready to prosecute federal contractors who do not disclose they have been hacked or who do not meet cybersecurity standards.

“We have known companies that are not paying the attention they need on this front,” Monaco said.

Ransomware attacks have flourished even as the federal government grapples with more old-fashioned, albeit sophisticated, cyber espionage. The Justice Department was among agencies hit hard by the SolarWinds breach, in which Russian government hackers exploited a supply chain vulnerability to gain access to networks of federal departments and private companies.

The Justice Department said more than two dozen U.S. law firms had at least one employee whose email account had been compromised.

It was a reminder, she said, that no one is safe from a sophisticated breach.

“We need to practice what we preach and do the same kind of vigilance on our cybersecurity that we ask companies to do,” she said.

Source link

About Donald J. Beadle

Check Also

NCSC releases supply chain cybersecurity guidance

Image source: The National Cyber ​​Security Center (NCSC) and a number of international partners …

Leave a Reply

Your email address will not be published.