US to give ransomware 'terrorism' status
Department of Justice will require all ransomware cases to be centrally coordinated via Washington


The US Department of Justice (DoJ) is elevating ransomware investigations to a similar status as terrorism, following critical attacks across the country, such as the Colonial Pipeline hack.
On Thursday, internal guidance sent to US attorney's offices across the country said that ransomware investigations in the field should be centrally coordinated with a new task force in Washington, according to Reuters.
All investigating officers will be expected to share both updated case details and active technical information with the officials in Washington, with further stipulations to included other investigations around cyber crime.
"It's a specialised process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain," said John Carlin, the principal associate deputy attorney general at the DoJ.
The change comes amid growing concerns about the rise of ransomware cases, particularly in the US. Last month, a suspected Russian-based group hacked into the Colonial Pipeline operator and locked its system down with a demand for ransom. The incident lasted several days and led to a spike in gas prices, panic buying and localised fuel shortages.
RELATED RESOURCE
Four ransomware resiliency challenges you can combat with confidence
The benefits of a multi-layered security solution
"The US government is absolutely right to raise the fight against cybercriminals to the same level as its efforts against violent extremism, with attacks in recent months highlighting the devastating impact that ransomware can have," said Dr Francis Gaffney, director of threat intelligence and response at the cybersecurity firm Mimecast.
"These attacks can have massive ramifications for organisations such as downtime and loss of productivity. Our research also showed that 33% of UK businesses affected by ransomware suffered between two and three days of downtime, with business disruption (38%), impact on employee productivity (35%), and data loss (29%) the most common consequences"
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.
Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.
-
Helping customers adopt a multi-cloud infrastructure and accelerate their modernization journey
Sponsored Content We outline what shifting to a subscription model means for your business
-
UK firms are 'sleepwalking' into smart building cyber threats
News The convergence of operational technology and IT systems is posing serious risks for property firms.
-
Swiss government data published following supply chain attack – here’s what we know about the culprits
News Radix, a non-profit organization in the health promotion sector, supplies a number of federal offices, whose data has apparently been accessed.
-
Ransomware victims are getting better at haggling with hackers
News While nearly half of companies paid a ransom to get their data back last year, victims are taking an increasingly hard line with hackers to strike fair deals.
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker group
News An analysis of May's SQL database dump shows how much LockBit was really making
-
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabs
News An anonymous whistleblower has released large amounts of data allegedly linked to the ransomware gangs
-
It's been a bad week for ransomware operators
News A host of ransomware strains have been neutralized, servers seized, and key players indicted
-
Everything we know about the Peter Green Chilled cyber attack
News A ransomware attack on the chilled food distributor highlights the supply chain risks within the retail sector
-
Scattered Spider: Who are the alleged hackers behind the M&S cyber attack?
News The Scattered Spider group has been highly active in recent years
-
Ransomware attacks are rising — but quiet payouts could mean there's more than actually reported
News Ransomware attacks continue to climb, but they may be even higher than official figures show as companies choose to quietly pay to make such incidents go away.