United States politicians appear to have a new stick to beat the crypto sector with – as they prepare an onslaught on ransomware and crypto payments to criminal groups.
Per Reuters, a senior official at the Department of Justice (DOJ) confirmed that the department is set to elevate the status of ransomware attack probes to the same kind of level as terrorism incidents.
Reuters reported that the DOJ has sent regional US attorneys updated guidance that includes updated protocols on when to involve central bodies – with some pertaining to crypto exchanges.
John Carlin, the Principal Associate Deputy Attorney General at the DOJ, was quoted as stating:
“We really want to make sure prosecutors and criminal investigators report and are tracking […] cryptocurrency exchanges, illicit online forums or marketplaces where people are selling hacking tools, network access credentials.”
The comments come just days after White House Principal Deputy Press Secretary Karine Jean-Pierre told members of the press in a briefing session that “combating ransomware is a priority for the [President Joe Biden] administration.”
She added that Biden had ordered “a rapid strategic review to address the increased threat of ransomware.” This review will include “expanding cryptocurrency analysis to find and pursue criminal transaction[s].”
America-based companies have been forced to pay staggeringly high crypto ransoms of late, with three recent incidents in particular striking terror into the United States business community. The first was a strike in March on the insurer CNA – which paid USD 40m in crypto to a hacker group to resolve the issue.
Next came an attack from the DarkSide hacking group, which used ransomware on Colonial Pipeline in May, disrupting the oil and gas supply to a number of East Coast locations.
The most recent, believed to have been the work of the REvil ransomware-as-a-service (RaaS) organization, saw production scream to a halt at JBS meat processing plants.
Total cryptocurrency value received by ransomware addresses
In at least two cases, the companies in question appear to have paid crypto ransoms to attackers – a move that appears to have irked some American lawmakers.
Carolyn Maloney, the Chairwoman of the House Committee on Oversight and Reform, wrote letters to both CNA and Colonial Pipeline, demanding the firms release documents detailing the nature of the payments.
She also wrote, in a statement:
“I am extremely concerned that the decision to pay international criminal actors sets a dangerous precedent that will put an even bigger target on the back of critical infrastructure going forward. Congress needs detailed information about ransom payments made to cybercriminal actors to legislate effectively on cybersecurity and ransomware in the United States.”
In her letters to Colonial and CNA, she also asked the firms to release data about the communications they had had with the hackers about “the transfer of funds or cryptocurrencies to the attackers their representatives,” as well as data about “accounts or cryptocurrency wallets under their control and any intermediaries used in such transactions.”
The lawmaker asked for evidence of “any sanctions screening regarding the ransom payment, including verification of the identity of the recipient of any payment.”
And she also demanded the firms be forthcoming with “any internal communications among employees of Colonial Pipeline regarding the ransom payment.”
Colonial’s CEO and the chief technical officer of the cybersecurity firm FireEye will appear before a House subcommittee in a virtual hearing slated to be held on Wednesday next week.
– Another US Regulator Wants Agencies to Join Hands to Regulate Crypto
– Task Force to Tell Washington: Ramp Up Crypto Exchange Regulation