Skip to content

DOJ ransomware task force raises questions, concerns

Posted by: GuidePoint Security

2 min read

October 3, 2024 – Published on TechTarget

The U.S. Department of Justice in recent years has stepped up its efforts against ransomware, but the apparent failure of the department’s task force shows there is still much work to be done.

The Office of the Inspector General (OIG) last month published a report for an audit that delved into the Department of Justice’s efforts against ransomware, which includes the Ransomware and Digital Extortion Task Force (RTS) that was created in 2021. In a memo announcing the RTS, Acting Deputy Attorney General John P. Carlin wrote that 2020 was “the worst year to date for ransomware attacks,” and that the task force would bring all the department’s resources to bear against the threat.

However, the OIG said that didn’t happen. While the DOJ’s task force was established to direct the department’s efforts toward the ongoing threat, the OIG report showed that the RTS may have fell short.

In the report, the OIG stated the DOJ needed to provide clearer metrics to track disruption efforts and demonstrate the effectiveness of the department’s actions taken against the threat. Levy echoed those sentiments and said that’s the only way to measure the effectiveness of the DOJ’s actions.

Jason Baker, threat intelligence consultant at GuidePoint Security, also agreed that a lack of metrics is a substantial problem for the DOJ, as well as visibility. “The most obvious issue we see working with clients and victims of ransomware on a regular basis is the problem with visibility. The FBI has and is always going to have a suboptimal level of visibility into ransomware’s genuine impact on U.S.-based private organizations.”

Baker attributed part of the visibility challenge to a lack of reporting requirements for most victims. While the U.S. Securities and Exchange Commission recently instituted reporting rules for public companies, the requirements are not there for small to medium-sized businesses and some privately held organizations, he said.

Read More HERE.

Categories: Incident Response & Threat Intelligence
Tags:GRITransomware

GuidePoint Security

Risky Recovery: Ransomware “Decryption” Scams Remain in 2024
Note: To protect the identity of the individuals involved in these events, some details of the ransomware attack and recovery […]
View Page

Related Articles

View All

  • GRIT Blog
Risky Recovery: Ransomware “Decryption” Scams Remain in 2024
Posted by: Justin Timothy
Published 09/19/24, 09:00am
Read More 8 min read
  • Incident Response & Threat Intelligence
Should your company pay cybercriminals after a ransomware attack? It depends.
Read More < 1 min read
  • Incident Response & Threat Intelligence
GRIT Ransomware Report-2024-Q2
Read More < 1 min read