The US said it will now consider proactively disrupting cyber criminals’ operations even if doing so may impede the state’s ability to arrest and indict the alleged perpetrators.
Deputy Attorney General Lisa O. Monaco made the remarks while addressing delegates at the Munich Cyber Security Conference on Thursday. She said, going forward, US law enforcement could potentially deploy preventative measures to minimise the risk to victims of cyber attacks.
Such measures could include providing decryptor keys to ransomware victims or seizing servers used to launch cyber attacks.
The shift in policy comes following a year in which ransomware once again topped the charts of the most-used cyber attacks against businesses and critical organisations.
Monaco said that charging suspects in cyber crime cases will still be the priority, but taking a hybrid approach to disrupting cyber crime will make law enforcement authorities “nimbler” and more capable, she said.
“Now, as a former prosecutor, I can tell you that this approach is not the first instinct for trial lawyers who live in the courtroom,” said Monaco. “But my message to the department is clear: we should be looking for success both inside and outside the courtroom.
“And my message to cybercriminals is equally clear: the long arm of the law can — and now will — stretch much farther into cyberspace than you think. If you continue to come for us, we will come for you.”
In addition to directly disrupting attacks through decryptors and server seizures, Monaco also said the US will consider a broader range of disruptive techniques including sanctions and export controls.
She also announced the US is creating the Cyber Operations International Liaison - a unit that will see cross-border collaboration between the US and European agencies to expedite investigations into cyber criminal activity.
Collaboration between international law enforcement agencies and the relevant cyber crime institutions has yielded some high-profile results in the past year, including the takedown of the long-ruling Emotet botnet and the arrest of multiple REvil ransomware gang members.
The US and European agencies will also be launching an International Virtual Currency Initiative to combat the abuse of virtual currency, Monaco said. It will further the country’s own domestic unit, the National Cryptocurrency Enforcement Team, the launch of which was announced in 2021.
Cryptocurrency is used commonly in criminal operations to hide the identities of the criminals launching the attacks by obscuring blockchain transactions, making the tracking of funds more difficult for law enforcement.
The US announced its biggest ever seizure of cryptocurrency earlier this month. A total of $3.6 billion was seized from a married couple allegedly laundering money after the 2016 hack on currency exchange Bitfinix.
RELATED RESOURCE
“We are issuing a clear warning to criminals who use cryptocurrency to fuel their schemes. We also call on all companies dealing with cryptocurrency: we need you to root out cryptocurrency abuses,” she said. “To those who do not, we will hold you accountable where we can.”
The US has been vocal about its mounting efforts against cyber crime since the high-profile ransomware attacks of 2021, including those affecting JBS Foods and Colonial Pipeline, the latter of which prompted such crime to be promoted to ‘terrorism’ status in the eyes of the US.
The Cybersecurity and Infrastructure Security Agency (CISA) also enforced a policy in 2021 that compelled all federal agencies to patch some of the most serious security vulnerabilities to improve the nation's cyber posture. It set different deadlines depending on how recently any given vulnerability was discovered.
-
Anthropic CEO Dario Amodei claimed AI would be writing 90% of code by this point – we're still a long way offNews In March, Anthropic CEO Dario Amodei claimed up to 90% of code would be written by AI within six months – his prediction hasn't quite come to fruition.
-
Veracode bolsters leadership team for next growth chapterNews The application security vendor has named Anthony Barkley as chief strategy officer and Diana Bushard as general counsel
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
-
A notorious hacker group is ramping up cloud-based ransomware attacksNews The Storm-0501 threat group is refining its tactics, according to Microsoft, shifting away from traditional endpoint-based attacks and toward cloud-based ransomware.
-
Security researchers have just identified what could be the first ‘AI-powered’ ransomware strain – and it uses OpenAI’s gpt-oss-20b modelNews Using OpenAI's gpt-oss:20b model, ‘PromptLock’ generates malicious Lua scripts via the Ollama API.
-
Data I/O shuts down systems in wake of ransomware attack
News Regulatory filings by Data I/O suggest the costs of dealing with the attack could be significant
-
Average ransom payment doubles in a single quarterNews Targeted social engineering and data exfiltration have become the biggest tactics as three major ransomware groups dominate
-
BlackSuit ransomware gang taken down in latest law enforcement sting – but members have already formed a new groupNews The notorious gang has seen its servers taken down and bitcoin seized, but may have morphed into a new group called Chaos
