The Department of Justice said Friday that it will make disrupting ransomware attacks and prosecuting cybercriminals a key objective as part of a new strategic plan.
In a statement, the department said it intends to beef up its cybersecurity technological capabilities and to more aggressively pursue those who put U.S. government information or assets at risk.
“The Department will bring to justice those who commit cyberattacks, whether they are lone actors, elements of transnational organized crime groups, or acting on behalf of nation states or terrorist groups. In parallel, the Department will work to disrupt and dismantle the online infrastructure that facilitates cyberattacks and to seize the criminal proceeds of such crimes,” the DOJ said.
It added: “To accomplish these goals, the Department will enhance its own technological and investigative capabilities.”
The Justice Department aims to improve its ransomware attack response by September 2023 by promising to significantly increase the percentage of reported ransomware incidents from which investigative actions are conducted within 72 hours and by increasing the number of ransomware matters in which seizures or forfeitures are occurring by 10%.
Despite cyberattacks being a common problem in the past decade, it is only the series of massive attacks last year on the computer systems of the federal government, the Colonial Pipeline, and the meat producer JBS that have brought mainstream awareness to the need for increased cybersecurity within the government and the private sector.
The DOJ will also enhance cybersecurity and fight cybercrime through four key strategies: deterring, disrupting, and prosecuting cyber threats; strengthening intergovernmental, international, and private-sector partnerships to fight cybercrime; safeguarding Justice Department data and information; and enhancing cyber resilience within the private sector and other government agencies.
“The Department will also use available authorities, including the False Claims Act, to hold accountable anyone who puts U.S. government information or assets at risk by knowingly providing deficient cybersecurity products or services, misrepresenting their cybersecurity practices or protocols, or violating obligations to monitor and report cybersecurity incidents and breaches,” the strategic plan said.