The US said it will now consider proactively disrupting cyber criminals’ operations even if doing so may impede the state’s ability to arrest and indict the alleged perpetrators.
Deputy Attorney General Lisa O. Monaco made the remarks while addressing delegates at the Munich Cyber Security Conference on Thursday. She said, going forward, US law enforcement could potentially deploy preventative measures to minimise the risk to victims of cyber attacks.
Such measures could include providing decryptor keys to ransomware victims or seizing servers used to launch cyber attacks.
The shift in policy comes following a year in which ransomware once again topped the charts of the most-used cyber attacks against businesses and critical organisations.
Monaco said that charging suspects in cyber crime cases will still be the priority, but taking a hybrid approach to disrupting cyber crime will make law enforcement authorities “nimbler” and more capable, she said.
“Now, as a former prosecutor, I can tell you that this approach is not the first instinct for trial lawyers who live in the courtroom,” said Monaco. “But my message to the department is clear: we should be looking for success both inside and outside the courtroom.
“And my message to cybercriminals is equally clear: the long arm of the law can — and now will — stretch much farther into cyberspace than you think. If you continue to come for us, we will come for you.”
In addition to directly disrupting attacks through decryptors and server seizures, Monaco also said the US will consider a broader range of disruptive techniques including sanctions and export controls.
She also announced the US is creating the Cyber Operations International Liaison - a unit that will see cross-border collaboration between the US and European agencies to expedite investigations into cyber criminal activity.
Collaboration between international law enforcement agencies and the relevant cyber crime institutions has yielded some high-profile results in the past year, including the takedown of the long-ruling Emotet botnet and the arrest of multiple REvil ransomware gang members.
The US and European agencies will also be launching an International Virtual Currency Initiative to combat the abuse of virtual currency, Monaco said. It will further the country’s own domestic unit, the National Cryptocurrency Enforcement Team, the launch of which was announced in 2021.
Cryptocurrency is used commonly in criminal operations to hide the identities of the criminals launching the attacks by obscuring blockchain transactions, making the tracking of funds more difficult for law enforcement.
The US announced its biggest ever seizure of cryptocurrency earlier this month. A total of $3.6 billion was seized from a married couple allegedly laundering money after the 2016 hack on currency exchange Bitfinix.
RELATED RESOURCE
“We are issuing a clear warning to criminals who use cryptocurrency to fuel their schemes. We also call on all companies dealing with cryptocurrency: we need you to root out cryptocurrency abuses,” she said. “To those who do not, we will hold you accountable where we can.”
The US has been vocal about its mounting efforts against cyber crime since the high-profile ransomware attacks of 2021, including those affecting JBS Foods and Colonial Pipeline, the latter of which prompted such crime to be promoted to ‘terrorism’ status in the eyes of the US.
The Cybersecurity and Infrastructure Security Agency (CISA) also enforced a policy in 2021 that compelled all federal agencies to patch some of the most serious security vulnerabilities to improve the nation's cyber posture. It set different deadlines depending on how recently any given vulnerability was discovered.
-
What does modern security success look like for financial services?Sponsored As financial institutions grapple with evolving cyber threats, intensifying regulations, and the limitations of ageing IT infrastructure, the need for a resilient and forward-thinking security strategy has never been greater
-
Yes, legal AI. But what can you actually do with it? Let’s take a look…Sponsored Legal AI is a knowledge multiplier that can accelerate research, sharpen insights, and organize information, provided legal teams have confidence in its transparent and auditable application
-
Volkswagen confirms security ‘incident’ amid ransomware breach claimsNews Volkswagen has confirmed a security "incident" has occurred, but insists no IT systems have been compromised.
-
The number of ransomware groups rockets as new, smaller players emergeNews The good news is that the number of victims remains steady
-
Teens arrested over nursery chain Kido hacknews The ransom attack caused widespread shock when the hackers published children's personal data
-
NCA confirms arrest after airport cyber disruptionNews Disruption is easing across Europe following the ransomware incident
-
Cyber professionals are losing sleep over late night attacksNews Hackers are biding their time and launching attacks when businesses can’t respond
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
