Ransomware Is Now Terrorism
The U.S. Department of Justice has elevated the status of investigations on ransomware attacks to give them a similar priority to terrorism.
Ransomware Attacks Given Higher U.S. Priority
Those who have been victimized by ransomware have known it for some time. And now the federal government has faced up to the stark reality: ransomware is terrorism.
The U.S. Department of Justice has just elevated the status of investigations on ransomware attacks to give them a similar priority to terrorism. This comes in the aftermath of the Colonial Pipeline hack, a similar attack on the world’s largest meat processor, and a rash of other smaller incidents impacting schools, hospitals, and businesses.
As a result, U.S. attorney’s offices throughout the country have been instructed that any data concerning the investigation of ransomware should be communicated to Washington for the purposes of coordination. It appears that a concerted and coordinated campaign has begun in attempt to take out this form of cybercrime.
How the U.S. is Responding to Ransomware Attacks
A new task force has been set up in D.C. to address the issue. The goal is to detect patterns, trace common actors, and track down the criminal gangs behind it. This is a necessary move, given the fact that many of these acts are linked to Eastern European and Asian sources. With the federal government involved, pressure can be brought to bear on the police forces of other nations via Interpol, and from the State Department to other government officials.
And it’s about time. The criminals have largely had free rein up until now. Actions have only been taken against them when they went after high profile targets. A few hackers have been arrested over the last couple of years, but not that many when you consider the number of victims.
FBI investigations into cybercrime often lead overseas and that makes effective police action difficult. Hopefully, the new status will foster greater international cooperation as well as greater pressure exacted upon those who tolerate cybercriminals within their borders.
Colonial Pipeline Payback
The new emphasis on ransomware as terrorism seems to have paid immediate dividends. U.S. law enforcement officials managed to recover $2.3 million in bitcoin paid to a criminal gang DarkSide that was behind the Colonial Pipeline attack.
“Today we turned the tables on DarkSide,” said Lisa Monaco, a Department of Justice deputy attorney general.
Justice officials identified the virtual currency wallet used to collect payment from Colonial Pipeline and successfully seized what was there. This was possible as the network was in Northern California and within reach of U.S. court orders. It remains to be seen how effective new measures will be if funds have been transferred overseas.
The Best Defense Against Ransomware
Once ransomware has infected systems, the organization concerned is in for a rough ride. Reports can be filed, mitigation actions can be taken, ransoms may even be paid. But when the dust settles, IT and company management will probably feel they have been to hell and back.
The best defense against ransomware, therefore, is not to get infected in the first place. That means deployment of the right mix of security tools, educating users on how to avoid clicking on malware, and making sure all vulnerabilities are known and all patches are up to date.
How Syxsense Can Protect Your Business
Time and again, hackers exploit known vulnerabilities. Systems are continually breached due to well-publicized patches not having been deployed across the network.
Syxsense Cortex simplifies complex IT and security processes with a drag-and-drop interface. Pre-built templates keep organizations secure and without needing large teams, specialists, or scripting.
Start Your Free Trial of Syxsense
Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.