As if ransomware attacks weren't already a major issue, in 2021 they've disrupted everything from gas pipelines to meat processing, and a report from Reuters shows just how the US Department of Justice is adjusting its response to the issue. A department official told Reuters that the new model for collecting and tracking information from cases around the country is similar to the model used for issues of national security like terrorism.
The Wall Street Journal previously reported on the existence of a memo setting up the task force approach to ransomware and related crimes, and today Gizmodo posted the three-page memo itself. The document explains DOJ rules for a coordinated approach to not just the attacks, but any infrastructure supporting them including botnets, cryptocurrency exchanges and hacking forums.
According to the memo, "To ensure we can make necessary connections across national and global cases and investigations, and to allow us to develop a comprehensive picture of the national and economic security threats we face, we must enhance and centralize our internal tracking."
Separately, a report by NBC News says that the Biden Administration is seeking to disrupt ransomware networks. According to sources, options include "using intelligence agencies to spy on foreign criminals and contemplating offensive cyber operations against hackers inside Russia." As far as the DoJ memo, Reuters reporter Christopher Bing explained in a tweet that this is about the investigative and prosecution process. Meatpacker JBS USA announced this evening that "all of its global facilities are fully operational" after the latest attack, but that doesn't mean it's the end of changes to how the US responds to the spike in ransomware activity.