Ransomware attacks have become the talk of the town globally after cybercriminals caused severe damage to the country by disrupting operations of Colonial Pipeline and meat processing giant JBS recently. The U.S. government is taking necessary precautions on high priority to curb the rising ransomware threats. Recently, the U.S. Department of Justice (DoJ) and the FBI stated that the investigations of ransomware attacks are given utmost concern as terrorist attacks.
— FBI (@FBI) June 4, 2021
The agencies claimed that the data related to ransomware investigations will be centrally coordinated with a newly created task force based in Washington. The information related to ransomware attacks and their field investigations will be centrally coordinated with the task force leaders in Washington.
The list of cybercrime cases that now require central notification includes counter anti-virus services, illicit online forums or marketplaces, cryptocurrency exchanges, bulletproof hosting services, botnets, and online money-laundering services.
The Justice Department’s decision to push ransomware investigations to high priority shows how serious the issue is.
“It’s a specialized process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain.
We’ve used this model around terrorism before but never with ransomware. We want to make sure prosecutors and criminal investigators report and are tracking cryptocurrency exchanges, illicit online forums or marketplaces where people are selling hacking tools, network access credentials — going after the botnets that serve multiple purposes,” said John Carlin, the principal associate deputy attorney general at the Justice Department.
DoJ Arrests Trickbot Malware’s Developer
In a recent development, the DoJ charged a Latvian woman – Alla Witte – for her involvement in creating and deploying the infamous banking Trojan – Trickbot. Witte allegedly worked with the Trickbot Group, which distributed the Trickbot malware to various organizations. The Trickbot malware allowed cybercriminals to compromise targeted devices and steal personal and financial information like login credentials, credit card numbers, emails, passwords, dates of birth, social security numbers, and addresses.
“This indictment demonstrates the broad reach of the Department of Justice’s Ransomware and Digital Extortion Task Force. Trickbot infected millions of victim computers worldwide and was used to harvest banking credentials and deliver ransomware. The defendant is accused of working with others in the transnational criminal organization to develop and deploy a digital suite of malware tools used to target businesses and individuals all over the world for theft and ransom. These charges serve as a warning to would-be cybercriminals that the DoJ, through the Ransomware and Digital Extortion Task Force and alongside our partners, will use all the tools at our disposal to disrupt the cybercriminal ecosystem,” said Deputy Attorney General Lisa O. Monaco.