Justice Department convenes task force to tackle wave of ransomware attacks

The Justice Department this week convened a new task force to address the mounting ransomware cyberattacks on critical U.S. organizations that have spiked during the COVID-19 pandemic. 

The Ransomware and Digital Extortion Task Force, first reported on Wednesday by The Wall Street Journal, will be made of officials from the agency’s National Security Division, Criminal Division, Civil Division, Executive Office of U.S. Attorneys and FBI.  

It will be charged with working to ensure the Justice Department prioritizes pursuing cases involving ransomware attacks by increasing training for employees, focusing on intelligence sharing across the agency, improving coordination and leveraging all investigative leads. 

The task force will also create and implement a strategy to combat the criminal enterprise involved in ransomware attacks along with strengthening public-private partnerships between the Justice Department and the private sector to address ransomware attacks and furthering collaboration with international partners. 

Acting Deputy Attorney General John Carlin announced the task force in a memo, obtained by The Hill, sent to task force members on Tuesday.

Carlin wrote that the ransomware attacks, which involve attackers holding critical networks hostage and demanding payment, could have “devastating human and financial consequences.”

“When criminals target critical infrastructure such as hospitals, utilities, and municipal networks, their activity jeopardizes the safety and health of Americans,” Carlin wrote. 

“The Task Force will bring all of the Department’s resources to bear to bolster our all-tools approach and work with our partners here and abroad to combat the threat of ransomware and digital extortion, and to ensure that we hold those who participate in the propagation of these crimes responsible and accountable,” he added. 

The task force was convened following a year that saw a huge increase in ransomware attacks during the COVID-19 pandemic against groups including hospitals, schools and other critical organizations, with cyber criminals targeting vulnerable organizations to make money. 

The Justice Department has announced numerous cases targeting cyber criminals involved in carrying out ransomware attacks.

These efforts included recently working with allied nations to disrupt the Emotet botnet, described as the “world’s most destructive malware,” issuing indictments against North Korean hackers involved in stealing billions of dollars in cryptocurrency, and bringing multiple other charges against hackers based in China, Russia and Iran. 

“Although the Department has taken significant steps to address cybercrime, it is imperative that we bring the full authorities and resources of the Department to bear to confront the many dimensions and root causes of this threat,” Carlin wrote.

The Justice Department is not the only agency that has made tackling ransomware a key priority.

Homeland Security Secretary Alejandro Mayorkas described the escalating ransomware attacks in February as an “epidemic.”

Mayorkas later announced in March that combating ransomware would be the focus of the first of several 60-day cybersecurity sprints the Department of Homeland Security would take on, with Mayorkas stressing the need to confront the “national security threat” of ransomware. 

“There are actors out there who maliciously use ransomware during an unprecedented and ongoing global pandemic, disrupting hospitals as hundreds of thousands die,” Mayorkas said during a virtual speech. “This should shock everyone’s conscience.”