The Justice Department has created a task force to centrally track and coordinate all federal cases involving ransomware or related types of cybercrime, such as botnets, money laundering, and bulletproof hosting.
“To ensure we can make necessary connections across national and global cases and investigations… we must enhance and centralize our internal tracking of investigations and prosecutions of ransomware groups and the infrastructure and networks that allow the threats to persist,” Deputy Attorney General Lisa Monaco told US attorneys throughout the country on Thursday. She issued the directive in a memo that was first reported by Reuters. Investigators in field offices around the country would be expected to share information as well.
The new directive applies not just to cases or investigations involving ransomware but a host of related scourges, including:
- Counter anti-virus services
- Illicit online forums or marketplaces
- Cryptocurrency exchanges
- Bulletproof hosting services
- Online money laundering services
All ransomware all the time
The heightened scrutiny comes as two recent ransomware attacks—first on Colonial Pipeline in May and three weeks later on meat producer JBS—have exposed the fragility of the nation’s critical supply chains. By using an ad-hoc group to track cases centrally, Justice Department officials hope the move brings focus and consistency to the investigations it conducts and cases it brings.
On Thursday, at least two new ransomware infections surfaced. The first struck Cox Media Group and, according to The Record, left the media company unable to provide livestreaming for TV stations and internal networks. The second hit UF Health Central Florida, which operates two hospitals. A spokesman for UF Health said that access to email and most other system platforms had been suspended. Staff in all hospitals and physician clinics are now using pen and paper to document and order care.
Monaco’s memo instructs attorneys to notify senior Justice Department officials whenever they open a case involving ransomware or when there are significant developments. The memo comes as ransomware has become a regular topic of discussion at White House press briefings and is among the concerns Biden plans to raise at a meeting scheduled for later this month with Russian President Vladimir Putin.