US to give ransomware 'terrorism' status

News
By published

Department of Justice will require all ransomware cases to be centrally coordinated via Washington

Visual representation of ransomware by showing encrypted files on a display
(Image credit: Shutterstock)

The US Department of Justice (DoJ) is elevating ransomware investigations to a similar status as terrorism, following critical attacks across the country, such as the Colonial Pipeline hack.

On Thursday, internal guidance sent to US attorney's offices across the country said that ransomware investigations in the field should be centrally coordinated with a new task force in Washington, according to Reuters.

Fujifilm hit by suspected ransomware attack What is ransomware? Colonial Pipeline CEO confirms $4.4 million payment to DarkSide hackers

All investigating officers will be expected to share both updated case details and active technical information with the officials in Washington, with further stipulations to included other investigations around cyber crime.

"It's a specialised process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain," said John Carlin, the principal associate deputy attorney general at the DoJ.

The change comes amid growing concerns about the rise of ransomware cases, particularly in the US. Last month, a suspected Russian-based group hacked into the Colonial Pipeline operator and locked its system down with a demand for ransom. The incident lasted several days and led to a spike in gas prices, panic buying and localised fuel shortages.

RELATED RESOURCE

Four ransomware resiliency challenges you can combat with confidence

The benefits of a multi-layered security solution

FREE DOWNLOAD

"The US government is absolutely right to raise the fight against cybercriminals to the same level as its efforts against violent extremism, with attacks in recent months highlighting the devastating impact that ransomware can have," said Dr Francis Gaffney, director of threat intelligence and response at the cybersecurity firm Mimecast.

"These attacks can have massive ramifications for organisations such as downtime and loss of productivity. Our research also showed that 33% of UK businesses affected by ransomware suffered between two and three days of downtime, with business disruption (38%), impact on employee productivity (35%), and data loss (29%) the most common consequences"

Bobby Hellard
Bobby Hellard

Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.

Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.

More about ransomware
Ransomware concept image showing digitized padlock pictured on a laptop screen on red background

February was the worst month on record for ransomware attacks – and one threat group had a field day
Medusa statue bust on white background

CISA issues warning over Medusa ransomware after 300 victims from critical sectors impacted
Female job candidate with short hair participating in a video call interview while using AI tools on small tablet device out of view of the recruiter.

‘If you want to look like a flesh-bound chatbot, then by all means use an AI teleprompter’: Amazon banned candidates from using AI tools during interviews – here’s why you should never use them to secure a job
See more latest
Most Popular
Female job candidate with short hair participating in a video call interview while using AI tools on small tablet device out of view of the recruiter.
‘If you want to look like a flesh-bound chatbot, then by all means use an AI teleprompter’: Amazon banned candidates from using AI tools during interviews – here’s why you should never use them to secure a job
Jeremy Fleming, former head of GCHQ, onstage with Haider Pasha, chief security officer, EMEA & LATAM at Palo Alto Networks at Ignite London 2025.
Businesses must get better at sharing cyber information, urges former GCHQ chief
A Dell Inspiron 14 AI PC pictured inside a Best Buy store on Black Friday in Pinole.
AI PCs are becoming a no-brainer for IT decision makers
Wifi symbol, internet connection, business, global communication, mobile network, 5g, mobile phone
94% of Wi-Fi networks are vulnerable to deauthentication attacks
UK Prime Minister Keir Starmer speaking during a Q&A session after delivering a speech on plans to reform the civil service, during a visit to Reckitt Benckiser Health Care UK.
Starmer bets big on AI to unlock public sector savings
Ransomware concept image showing digitized padlock pictured on a laptop screen on red background
February was the worst month on record for ransomware attacks – and one threat group had a field day
Programming code and big data wave on a black background.
Open source security in the spotlight as UK gov publishes fresh guidance
Cartoon-style recruitment concept image showing male job candidate sitting across desk from female hiring manage during an interview.
Tech talent shortages mean firms are scrapping traditional recruitment strategies
Agentic AI concept image showing human brain split in two halves, with one side digitized on a grid pattern and the other illuminated in yellow with brainwaves emitting.
National Grid investment wing backs AI startups to boost energy efficiency
Layoffs concept image showing line of cartoon-style laid-off workers leaving an office space with belongings in cardboard boxes.
Laid-off workers are ditching full-time work: 70% of staff caught up in brutal layoffs opted for part-time roles and freelance gigs – and flexibility was the big appeal for many