The Justice Department will focus more on fighting cybercrime, even if it means jeopardizing arrests
By Sean Lyngaas, CNN
The Justice Department is changing its approach to cybercrime to focus more on preventing further harm to victims, even if in some cases that means warning suspects and jeopardizing arrests, Deputy Attorney General Lisa announced Thursday. Monaco.
Monaco said the department needed to apply the “same thinking” it does to thwart terror attacks to try to lessen the impact of damaging hacking incidents, such as ransomware.
“Going forward, prosecutors, agents, and analysts will now assess at every stage of a cyber investigation whether to use disruptive actions against cyber threats, even though they might otherwise warn cybercriminals and jeopardize the potential for charges and arrests,” Monaco told the Munich Cybersecurity Conference.
Justice Department officials will, of course, continue to focus on apprehending and prosecuting cybercriminals. But they will take a closer look at how providing ransomware decryption keys to victims and seizing computer servers used by cybercriminals could lessen the impact of hacking incidents, Monaco said.
The increased focus on victims follows a case last year in which, according to a Washington Post report, the FBI withheld a decryption key for nearly three weeks that could have unlocked the computer systems of hundreds of companies infected with ransomware.
The bureau temporarily held on to the key as it planned an operation to disrupt the hackers behind the ransomware, but the key could have helped victims like schools and hospitals avoid potentially millions of dollars in losses, according to the report.
In November, the Justice Department announced the arrest and indictment of a Ukrainian national for allegedly carrying out the ransomware attack.
After ransomware disrupted US critical infrastructure companies such as Colonial Pipeline in 2021, law enforcement officials continued to look for ways to revamp the department’s approach to cybercrime to better track and intercept currency. numbers used by hackers.
Monaco announced another element of this strategy on Thursday: the FBI will form a new team of cryptocurrency experts who will focus on blockchain analysis and cryptocurrency seizures. She touted the department’s recent record-breaking seizure of $3.6 billion in cryptocurrency, which coincided with the arrest of a flamboyant young New York couple for allegedly attempting to launder the money.
But the new team at the FBI’s Virtual Assets Operations Unit will have their work cut out for them.
Cybercrime — including the ransomware economy targeted by the Biden administration — remains hugely lucrative.
Cybercriminals received more than $1.2 billion in ransom payments in 2020 and 2021 combined, according to cryptocurrency tracking firm Chainalysis.
Ransomware and other digital extortion “only work if the bad guys get paid, which means we have to break their business model,” Monaco said.
The US Treasury Department last September sanctioned a cryptocurrency exchange that US officials have accused of doing business with hackers behind eight types of ransomware.
Monaco made a direct appeal to cryptocurrency exchanges on Thursday: “We need you to root out cryptocurrency abuse. For those who don’t, we’ll hold you accountable where we can.
Monaco also said Eun Young Choi, a justice official who led the prosecution of a Russian hacker convicted of stealing data on 100 million consumers, would be the first director of the national team to combat the department’s cryptocurrency. The team, formed last year, includes prosecutors from across the department tasked with investigating cryptocurrency misuse.
™ & © 2022 Cable News Network, Inc., a WarnerMedia company. All rights reserved.
CNN’s Evan Perez contributed to this report.