Washington CNN —
The Justice Department is shifting its approach to cybercrime to focus more on preventing further harm to victims, even if in some cases it means tipping off suspects and jeopardizing arrests, Deputy Attorney General Lisa Monaco announced Thursday.
Monaco said the department needed to apply the “same thinking” it does to thwarting terrorist attacks to trying to blunt the impact of damaging hacking incidents, such as ransomware.
“Moving forward, prosecutors, agents and analysts will now assess at each stage of a cyber investigation whether to use disruptive actions against cyber threats even if they might otherwise tip the cybercriminals off and jeopardize the potential for charges and arrests,” Monaco said at the Munich Cyber Security Conference.
Justice Department officials will, of course, continue to focus on arresting and prosecuting cybercriminals. But they will more carefully consider how providing decryption keys for ransomware to victims and seizing computer servers used by cybercriminals could lessen the impact of hacking incidents, Monaco said.
The greater focus on victims follows a case last year in which, according to a Washington Post report, the FBI withheld a decryption key for nearly three weeks that could have unlocked the computer systems of hundreds of businesses infected with ransomware.
The bureau temporarily retained the key because it was planning an operation to disrupt the hackers behind the ransomware, but the key could have helped victims like schools and hospitals avoid potentially millions of dollars in losses, according to the report.
In November, the Justice Department announced the arrest and charging of a Ukrainian national for allegedly carrying out the ransomware attack.
After ransomware disrupted US critical infrastructure companies such as Colonial Pipeline in 2021, Justice officials have continued to look for ways to revamp the department’s approach to cybercrime to better track and intercept the digital currencies used by hackers.
Monaco announced another piece of that strategy Thursday: The FBI will form a new team of cryptocurrency experts that focus on blockchain analysis and seizing cryptocurrency. She touted the department’s recent record seizure lof $3.6 billion in cryptocurrency, which coincided with the arrest of a flamboyant young New York couple for allegedly trying to launder the money.
But the FBI’s new Virtual Asset Exploitation Unit team will have its work cut out for them.
Cybercrime – including the ransomware economy the Biden administration has targeted – remains immensely lucrative.
Cybercriminals received more than $1.2 billion in ransom payments in 2020 and 2021 combined, according to cryptocurrency-tracking firm Chainalysis.
Ransomware and other digital extortion “only work if the bad guys get paid, which means we have to bust their business model,” Monaco said.
The US Treasury Department last September sanctioned a cryptocurrency exchange that US officials accused of doing business with hackers behind eight types of ransomware.
Monaco had a direct appeal to cryptocurrency exchanges on Thursday: “We need you to root out cryptocurrency abuses. To those who do not, we will hold you accountable where we can.”
Monaco also said that Eun Young Choi, a Justice official who led the prosecution of a Russian hacker convicted of stealing data on 100 million consumers, would be the first director of the department’s National Cryptocurrency Enforcement Team. The team, formed last year, comprises prosecutors across the department charged with investigating the misuse of cryptocurrency.