The United States Department of Justice is set to raise the priority of ransomware attacks to a similar priority level as terrorist attacks following the Colonial Pipeline hack, Reuters has reported. Ransomware is a particularly nasty piece of malware that finds its way onto a target system, encrypts the files on the hard drive, and then shows a message demanding that the victim pay money if they want their files to be decrypted.
According to Reuters, internal guidance was sent to the U.S. attorney’s offices across the country, it said that information pertaining to ransomware investigations should be centrally coordinated with a new task force based in Washington D.C. It’s hoped that this new process will make tracking ransomware cases easier, it should also help to make connections between actors and disrupt the attackers’ operations.
Discussing what the changes will enable, John Carlin, principle associate deputy attorney general at the Justice Department, said:
“We really want to make sure prosecutors and criminal investigators report and are tracking ... cryptocurrency exchanges, illicit online forums or marketplaces where people are selling hacking tools, network access credentials - going after the botnets that serve multiple purposes.”
Hopefully, the change in how the U.S. deals with ransomware attacks will help to limit these criminal activities. In the case of the Colonial Pipeline attack mentioned earlier, the company decided to pay almost $5 million to the hackers to regain access to their systems.