“It’s a specialised process to ensure we track all ransomware cases regardless of where it may be referred in this country,so you can make the connections between actors and work your way up to disrupt the whole chain,” said John Carlin,principle associate deputy attorney general at the Justice Department.
Last month,a cyber criminal group that the US authorities said operates from Russia,penetrated the pipeline operator on the US East Coast,locking its systems and demanding a ransom. The hack caused a shutdown lasting several days,led to a spike in gas prices,panic buying and localised fuel shortages in the southeast.
Colonial Pipeline decided to pay the hackers who invaded their systems nearly $5 million to regain access,the company said.
The DOJ guidance specifically refers to Colonial as an example of the “growing threat thatransomwareand digital extortion pose to the nation.”
Loading
“To ensure we can make necessary connections across national and global cases and investigations,and to allow us to develop a comprehensive picture of the national and economic security threats we face,we must enhance and centralise our internal tracking,” said the guidance seen by Reuters and previously unreported.
The Justice Department’s decision to push ransomware into this special process illustrates how the issue is being prioritised,US officials said.