The Justice Department has created a task force to centrally monitor and coordinate all federal cases related to ransomware or related forms of cybercrime, such as botnets, money laundering, and bulletproof hosting.
“To ensure we can make the necessary connections between national and global cases and investigations… we need to improve our internal tracking of investigations and prosecutions of ransomware groups and the infrastructure and networks that allow the threats to persist. improve and centralize,” said Deputy Attorney General Lisa Monaco. US attorneys across the country on Thursday. She issued the directive in a memo first reported by Reuters. Researchers in field offices around the country are also expected to share information.
The new guidance applies not only to cases or investigations involving ransomware, but also to numerous related concerns, including:
- Against antivirus services
- Illegal online forums or marketplaces
- Cryptocurrency Exchanges
- Bulletproof hosting services
- Online money laundering services
All ransomware all the time
The heightened scrutiny comes as two recent ransomware attacks — first on Colonial Pipeline in May and three weeks later on meat producer JBS — exposed the vulnerability of the country’s critical supply chains. By using an ad hoc group to monitor cases centrally, Justice Department officials hope the move brings focus and consistency to the investigations it conducts and the cases it brings in.
At least two new ransomware infections surfaced on Thursday. The first hit Cox Media Group and, according to The Record, caused the media company to no longer provide live streaming for TV channels and internal networks. The second hit UF Health Central Florida, which operates two hospitals. A UF Health spokesperson said access to email and most other system platforms had been suspended. Employees in all hospitals and physician clinics now use pen and paper to document and order care.
Monaco’s memo instructs lawyers to notify senior Justice Department officials when they open a case involving ransomware or when there are significant developments. The memo comes as ransomware has become a regular topic of discussion at White House press briefings and is one of the concerns Biden plans to raise at a meeting scheduled with Russian President Vladimir Putin later this month.