The Department of Justice formed a task force to curb the rapid expansion of ransomware cyberattacks by targeting the entire criminal ecosystem surrounding them, according to an April 21 report by The Wall Street Journal.
Acting Deputy Attorney General John Carlin said in an internal memorandum this week that ransomware poses a threat not only to business but "jeopardizes the safety and health of Americans."
Ransomware poses a significant threat to the healthcare sector as well. Last October, cyberterrorists conducted a wave of ransomware attacks on hospitals, locking up their systems while demanding a ransom, which disrupted patient care during a nationwide spike in COVID-19 cases.
"By any measure, 2020 was the worst year ever when it comes to ransomware and related extortion events," Mr. Carlin told the Journal. "And if we don’t break the back of this cycle, a problem that's already bad is going to get worse."
Six things to know about the task force:
- The task force will consist of the Justice Department's criminal, national security and civil divisions, the FBI and the Executive Office for U.S. Attorneys, which supports the top 93 federal prosecutors in the country. The team will collaborate with Homeland Security, the Treasury Department, international departments and the private sector. Mr. Carlin will oversee the task force he created.
- The task force will increase training and dedicate more resources to ransomware attacks, seek to improve intelligence-sharing across the department, and work to identify links between cybercriminals and nation-states.
- Cybercriminals' demands are continuing to increase in the amount of money they want from victims. The money they get is often reinvested into tools that enable better attacks at a more frequent pace.
- The task force will develop a strategy that takes aim at the entire criminal ecosystem around ransomware, including prosecutions, disrupting cybergang networks and targeting services that enable the attacks, such as hosting services where the campaigns are launched and online forums where the sale of ransomware is advertised.
- Companies are often torn on whether to pay the ransom and support cyberterrorism or allow their patients' and customers' data to be leaked. Mr. Carlin said the task force will develop sturdy recommendations to address those situations.
- The task force will strive to use legal authorities to protect victims before they are victimized, like finding vulnerabilities before they are extorted.