Investigations against ransomware attacks are to be coordinated in a similar way to terrorism. The US Department of Justice has instructed prosecutors to coordinate action against ransomware attacks and treat them with a priority similar to terrorism. The investigations into ransomware attacks are to be coordinated with a recently created task force in Washington.
“It’s a special process to make sure we are tracking all ransomware cases, no matter where they’re directed in this country, so you can make the links between the actors and work your way up to break the whole chain” John Carlin, senior assistant attorney general in the Justice Department told Reuters. “We’ve used this model for terrorism, but never for ransomware.”
In practice, prosecutors involved in ransomware attacks are expected to share both up-to-date case details and active technical information with those in charge in Washington. There, the larger connections are to be analyzed and the larger cybercrime ecosystem to be included.
Coordinated investigations follow the colonial attack
The step to merge the investigations is justified with internationally operating criminals. This is the only way to effectively combat ransomware groups. For this purpose, the services used such as offers to leverage anti-virus software, botnets, bulletproof hosters, illegal forums and marketplaces as well as money laundering services and cryptocurrencies would be considered.
The Justice Department’s decision follows a ransomware attack on pipeline operator Colonial that shut down one of the most important gasoline pipelines in the United States for several days. Colonial paid nearly $ 5 million in ransom to the extortion group.