Amid an ongoing series of expensive and disruptive attacks on U.S. health systems, energy infrastructure and food suppliers, the U.S. Department of Justice says it will elevate its ransomware investigations to a priority level similar to that of terrorism.
As Reuters’ Christopher Bing reported this week, the agency sent internal guidance to U.S. attorney’s offices around the country directing staff to centrally coordinate ransomware investigations in the field with a Washington task force.
“To ensure we can make necessary connections across national and global cases and investigations, and to allow us to develop a comprehensive picture of the national and economic security threats we face, we must enhance and centralize our internal tracking,” said the guidance, according to Reuters.
WHY IT MATTERS
As senior officials told Bing, the DOJ’s move to shift ransomware response illustrates how the issue is being prioritized. It will mean that the agency expects U.S. attorney’s office investigators to share case details and other information with leaders in Washington.
“We’ve used this model around terrorism before, but never with ransomware,” said Justice Department Principle Associate Deputy Attorney General John Carlin.
Other investigations that will also trigger similar notifications now include cases involving counter-antivirus services, botnets and other tools used by hackers.
The guidance follows a Thursday letter from National Security Council Cybersecurity Advisor Anne Neuberger to corporate executives and business leaders, noting the rise in ransomware attacks and advising organizations to beef up their protection against them.
The letter outlines best practices for companies, including routine backups and patches, multifactor authentication, endpoint detection and response, encryption, and the employment of a skilled security team.
THE LARGER TREND
The Biden administration has signaled that cybersecurity will be a priority going forward, with billions of dollars allocated toward bolstering it in the budget released this past week.
In the meantime, the Federal Bureau of Investigation has flagged the danger of ransomware attacks on the healthcare sector. Over the past year, the FBI has identified at least 16 Conti ransomware attacks targeting U.S. healthcare and first-responder networks, the agency said this past month.
ON THE RECORD
“The threats are serious, and they are increasing,” said the NSC’s Neuberger in her letter Thursday. “We urge you to take these critical steps to protect your organizations and the American public.”