The US Office of Justice’s (DoJ) solution to disrupting and protecting against cybercrime was laid bare by Lisa Monaco, Deputy Attorney General of the United States, during the opening keynote session at the RSA 2023 conference.
Monaco highlighted that in current decades the DoJ has evolved its approach to tackling surging cyber-threats to the govt and broader economy. This has revolved about “putting the victims at the center” instead than measuring achievements by the prosecution of cyber-risk actors by means of the courts.
The DoJ’s productive restoration of tens of millions of dollars’ value of bitcoin compensated to attackers following the Colonial Pipeline attack in May perhaps 2021 is an example of this approach, Monaco highlighted. In this scenario action was taken to stick to the revenue paid out in cryptocurrency, somewhat than inserting blame on the victim of the incident.
Yet another case in point was the takedown of the Hive ransomware gang’s infrastructure in January 2023, next an international legislation enforcement procedure. This enabled the govt to gain access to the group’s pc networks, enabling businesses to capture decryption keys and distribute them to Hive victims globally. Monaco observed that this was a long and individual operation, a “modern-day cyber stakeout.”
Browse more: #RSAC: Cyber Intrusion Campaign From 3 US Federal Agencies Thwarted
She emphasized that these kinds of operations are only achievable by means of cooperation – amongst distinctive federal government agencies globally and crucially, with target organizations. Monaco praised Colonial Pipeline’s “brave determination to arrive ahead to do the job with us” just after the attack and urged other target organizations to access out to the DoJ to accomplish comparable results.
“It’s great for the small business, and it is excellent for The united states due to the fact you are serving to us stop that subsequent attack,” she mentioned.
Talking about the modern conviction of former Uber CISO Joe Sullivan, Monaco pressured that this prosecution was brought about by Sullivan’s intentional perform in deceptive the Federal Trade Commission (FTC) about the character of the incident.
She stated that it should not in any way set off CISOs from partaking with the federal authorities about incidents.
Some parts of this article are sourced from:
www.infosecurity-magazine.com