DOJ memo puts ransomware investigations on a level similar to terrorism

Cases related to ransomware and digital extortion will get a coordinated national response.

Sponsored Links

GREELEY, CO - JUNE 01: A JBS Processing Plant stands dormant after halting operations on June 1, 2021 in Greeley, Colorado. JBS facilities around the globe were impacted by a ransomware attack, forcing many of their facilities to shut down. (Photo by Chet Strange/Getty Images)
Chet Strange via Getty Images

As if ransomware attacks weren't already a major issue, in 2021 they've disrupted everything from gas pipelines to meat processing, and a report from Reuters shows just how the US Department of Justice is adjusting its response to the issue. A department official told Reuters that the new model for collecting and tracking information from cases around the country is similar to the model used for issues of national security like terrorism.

The Wall Street Journal previously reported on the existence of a memo setting up the task force approach to ransomware and related crimes, and today Gizmodo posted the three-page memo itself. The document explains DOJ rules for a coordinated approach to not just the attacks, but any infrastructure supporting them including botnets, cryptocurrency exchanges and hacking forums.

According to the memo, "To ensure we can make necessary connections across national and global cases and investigations, and to allow us to develop a comprehensive picture of the national and economic security threats we face, we must enhance and centralize our internal tracking."

Separately, a report by NBC News says that the Biden Administration is seeking to disrupt ransomware networks. According to sources, options include "using intelligence agencies to spy on foreign criminals and contemplating offensive cyber operations against hackers inside Russia." As far as the DoJ memo, Reuters reporter Christopher Bing explained in a tweet that this is about the investigative and prosecution process. Meatpacker JBS USA announced this evening that "all of its global facilities are fully operational" after the latest attack, but that doesn't mean it's the end of changes to how the US responds to the spike in ransomware activity.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget