"The Office of the Deputy Attorney General (ODAG) memorandum that established the Ransomware Task Force also contained several strategic areas, including directing the Ransomware Task Force to design and implement a strategy to disrupt and dismantle the ransomware criminal ecosystem, specifying this strategy should include the use of all available criminal, civil, and administrative actions, such as the takedown of servers and seizures of ransomware proceeds," the OIG wrote in the report. The Office of the Inspector General (OIG) last month published a report for an audit that delved into the Department of Justice's efforts against ransomware, which includes the Ransomware and Digital Extortion Task Force (RTS) that was created in 2021. The Office of the Inspector General report said the Department of Justice contributed to several successful disruption efforts against ransomware gangs, including the recent 'Operation Cronos' against LockBit. A report from the Office of the Inspector General reviewed the U.S. Department of Justice's efforts against ransomware and found its task force was largely ineffective. The U.S. Department of Justice in recent years has stepped up its efforts against ransomware, but the apparent failure of the department's task force shows there is still much work to be done. Carlin wrote that 2020 was "the worst year to date for ransomware attacks," and that the task force would bring all the department's resources to bear against the threat. In fact, the report said the FBI's efforts contributed to three "significant disruptions" of ransomware gangs in 2023 and early 2024 -- LockBit, Hive and Alphv/BlackCat -- as well as other takedowns of malware and botnets associated with those gangs. In fact, the report noted that the FBI also co-leads another multi-agency effort called the Joint Ransomware Task Force, which was established by Congress in 2022. For one, the U.S. government's efforts to curb ransomware attacks are massive and involve a high number of organizations from the DOJ, the Department of Defense, Department of Homeland Security and more, which can make coordinating meetings difficult. While the DOJ's task force was established to direct the department's efforts toward the ongoing threat, the OIG report showed the RTS fell short. Megan Stifel, chief strategy officer at the Institute for Security and Technology, led the implementation for the institute's own Ransomware Task Force. While the RTS was ineffective, the OIG noted that the FBI and the DOJ's Criminal Division's Computer Crime and Intellectual Property Section led the department's efforts against ransomware. In the report, the OIG stated the DOJ needed to provide clearer metrics to track disruption efforts and demonstrate the effectiveness of the department's actions taken against the threat. For example, an international law enforcement effort called "Operation Cronos" was successful in disrupting the LockBit ransomware gang in February. "While the Ransomware Task Force was not formally disbanded, its absence of meetings indicates that it is now defunct for all intents and purposes," the reported stated.
This Cyber News was published on www.techtarget.com. Publication date: Thu, 03 Oct 2024 16:43:06 +0000