Justice Department Stepping Up Firepower To Combat Cyber Crime

November 4, 2021

By a Biometrica staffer

The Department of Justice (DOJ) is stepping up its firepower in the fight against the rapidly growing threat of ransomware attacks and cybercrime. This news comes as President Joe Biden’s administration escalates its response to what it considers an urgent economic and national security threat. In an interview with the Associated Press, DOJ Deputy Attorney General Lisa Monaco said that “in the days and weeks to come, you’re going to see more arrests,” more seizures of ransom payments to hackers, and additional law enforcement operations.

The United States has repeatedly faced various kinds of cyberattacks in recent times, mostly by criminals wielding ransomware, with targets ranging from infrastructure to education. Monaco’s interview with the Associated Press also comes only a month after news that Amazon-owned gaming platform Twitch suffered a “highly targeted attack” that revealed a large trove of sensitive data, including Twitch’s entire source code and several years of payout information for the service’s most popular streamers.

What baffled and worried cybersecurity experts when the Twitch hack happened was its scale. “How on earth did someone exfiltrate 125 GB of the most sensitive data imaginable without tripping a single alarm,” asked Archie Agarwal, founder and CEO at New Jersey cybersecurity firm ThreatModeler, per a Guardian article. And the Twitch attack is not the only recent massive data breach of a gaming company; gaming appears to be the latest in a growing line of industries that have repeatedly been attacked by cybercriminals over the past year.

In September, vpnMentor reported that its research team had discovered a data breach at Chinese mobile gaming company EskyFun. Here, too, the scale of the attack had many worried, to say the least. Over one million Android gamers were estimated to have been potentially exposed to fraud, hacking, and much worse by this data breach. What complicated matters in this case, per the vpnMentor report, was that much of the data was incredibly sensitive and was stored on an unsecured server, raising questions around why a video game company needed to keep such detailed files on its users at all.

The United States is at an “inflection point” in terms of cyber threats, Monaco said at the DOJ’s Criminal Division’s fifth Cybersecurity Roundtable last month. At that event, she also emphasized that the need for collective action to combat cyber threats has never been greater.

In her interview with the Associated Press, Monaco said the DOJ’s measures come even as the U.S. continues to endure a “steady drumbeat” of attacks, despite President Biden’s admonitions last summer to Russian counterpart Vladimir Putin after a spate of lucrative attacks was linked back to Russia-based hacking gangs. National Cyber Director Chris Inglis, though, said there was a “discernible decrease” in attacks emanating from Russia but that it was too soon to say why, according to the Associated Press.

Even so, Monaco said the DOJ is not going to stop and will continue to press forward and hold those who seek to “go after our industries, hold their data hostage and threaten economic security, national security and personal security” accountable.

Monaco said the public should expect to see more seizures like the one the DOJ pulled off in the Colonial Pipeline attack. On May 10, a group of cybercriminals went after the company, which supplies roughly 45% of the fuel consumed on the East Coast, in an attack whose immediate aftermath left the company with no choice but to shut down its entire network. Colonial Pipeline paid more than $4 million in ransom, but the DOJ managed to get the majority of it back by seizing access to the cryptocurrency wallet used by the criminals, known as DarkSide. It’s these types of seizures that Monaco now says everyone should expect.

Last month, Monaco also announced that the DOJ and other law enforcement agencies were looking for the public’s help in fending off such attacks. Given the nature of cybercrime, the threat environment, and the stakes involved, the DOJ and other agencies cannot do this alone, she had said. “We need reporting from victims to address this threat, to prevent additional victims.”

The DOJ has also taken several other steps in the battle against cybercrime. Biometrica wrote about those in an earlier story.