Skip to content

DOJ Reorganizes Units to Better Fight Ransomware

Posted by:
2 min read

Jul 25, 2023 – Published on Security Boulevard

he U.S. Justice Department is expanding its whole-of-government approach to battling cyberthreats by folding the team that investigates cryptocurrency-related criminal cases into its cybercrime unit. The move brings together the capabilities for investigating the ransomware life cycle, from the initial access to the ransom payment.

In a talk this month at the Center for Strategic and International Studies, Nicole Argentieri, principal deputy assistant attorney general and soon-to-be acting assistant attorney general, said the DOJ’s two-year-old National Cryptocurrency Enforcement Team (NCET) will merge with its Crime and Intellectual Property Section (CCIPS).

The merged unit will enable the investigators with deep cryptocurrency expertise to work more closely with those focused on cybercrime, essentially doubling the number of attorneys who can work on criminal crypto cases and giving the work equal status within the DOJ’s Criminal Division, Argentieri said.

The DOJ has had some victories against ransomware gangs. In January, the FBI infiltrated and disrupted the Hive ransomware operation by seizing the threat group’s websites and servers. The CCIPS also showed victims how to decrypt their computers without having to pay a ransom, Assistant Attorney General Kenneth Polite said at the same Center for Strategic and International Studies event.

Polite said the DOJ has run 23 successful cybercrime disruption operations against such malware families as Netwalker and CryptoLocker while also shutting down forums on the dark web, including Silk Road, BreachForums, and Genesis Market.

More of that is needed if there’s hope of stemming the rising tide of ransomware. GuidePoint Security, in a report last week, said there was a 38% increase between the first and second quarters in the volume of victims that ransomware groups publicly posted and a 100% increase year-over-year in Q2. GuidePoint researchers also pointed to a rise in the number of ransomware-as-a-service operations, with 14 new RaaS groups emerging in the second quarter.

Read More HERE.

Categories: Incident Response & Threat Intelligence News
Tags:GRITransomware

GuidePoint Security

GRIT Ransomware Report-2023-Q2
Q2 of 2023 continued a trend of increasing numbers of ransomware victims, brought a record increase in the number of first-seen ransomware groups, and brought new vulnerabilities that lead to large-scale attacks. Victim volume reached the highest volume observed since GRIT began tracking and reporting on ransomware statistics in 2022.
Download Now

Related Articles

View All

  • Incident Response & Threat Intelligence
GRIT Ransomware Report-2023-Q2
Read More < 1 min read
  • Incident Response & Threat Intelligence
EP 72: TALES FROM A RANSOMWARE NEGOTIATOR
Read More < 1 min read
  • Incident Response & Threat Intelligence
Reckoning with Ransomware
Read More 2 min read