The U.S. Department of Justice announced on June 4 (local time) that it will raise the priority of responding to ransomware attacks to the same level as terrorism as damages in the United States are increasing due to ransomware attacks on American companies.
According to the report, a senior official of the Ministry of Justice said that as the damage of the Colonial Pipeline hacking by cyber criminals increases, the priority of responding to ransomware attacks is being raised to equal that of terrorism.
The internal guidance sent by the US Department of Justice to federal prosecutors’ offices across the United States on June 2 states that the investigation of ransomware attacks in the field will be managed mainly by a task force established in Washington, and the necessary relationships will be established for investigations related to domestic and global incidents. He wrote that it is necessary to strengthen and unify internal tracking in order to reveal the overall state of national and economic security threats facing the country.
Terrorism has applied this process so far, but it has not been applied to ransomware. It is a special process to ensure that all attacks are tracked, regardless of where the ransomware attack occurred in the United States.
On May 9, Colonial Pipeline, which operates the largest oil transport pipeline in the United States, was attacked by a ransomware attack from the cybercriminal group DarkSide, and the pipeline was suspended more than 8,000 km off the east coast for three days. In this case, Colonial Pipeline paid the ransom, and the CEO said the amount was $4.4 million.
In addition, on May 30, JBS USA, a subsidiary of JBS, the world’s largest meat processing company based in Brazil, was attacked by a ransomware attack, causing great confusion in the meat industry, with the number of demolition of beef in the United States significantly reduced. The FBI concludes that the cybercriminal organization REvil (Sodinokibi) was responsible for the attack in the case. The site is also increasing the spread of damage, including ransomware attacks on Apple partners and Acer before. An expert explained that this strengthening of the system has enabled the US Department of Justice to more effectively distribute resources and specify attacks. Related information can be found here.