The Justice Department announced Thursday it will elevate ransomware-attack investigations to the same priority as terrorism amid a rise in such targeting of American businesses by Russian-based hackers.
In a memo sent to U.S. attorneys’ offices across the country, the department said every new report of an attack or unfolding developments in an ongoing investigation must be declared “urgent.”
That means that top department officials in Washington will be updated on case details.
The memo also requires that all ransomware investigations must be coordinated with a recently created department task force.
It also expands the type of investigations that require central notification to include cryptocurrency exchanges, online money-laundering services, illicit online forums or marketplaces, and bulletproof hosting services.
“We must enhance and centralize our internal tracking of investigations and prosecutions of ransomware groups and the infrastructure and networks that allow these threats to persist,” Deputy Attorney General Lisa Monaco wrote in the memo.
A ransomware attack is carried out by hackers who infiltrate a computer system and then demand financial compensation in exchange for returning the data or system to the owner.
Such attacks have increased over the past several weeks. In May, a cyberattack on Colonial Pipeline Co. resulted in gas shortages, increased oil prices and consumer panic.
On Tuesday, a ransomware group hacked JBS USA, the world’s largest meatpacking firm.
The FBI has linked both attacks to Russian-based hacking groups.
The Colonial Pipeline hack has been attributed to DarkSide, while the JBS attack was linked to REvil. Neither group is said to have ties to the Russian government.
In the memo, Ms. Monaco cited the Colonial Pipeline hack as an example of how ransomware threatens America’s “national and economic security.”