Following the Cyberattack on the world’s largest meat producer the United States Department of Justice is now reportedly planning to classify cyber crime cases involving ransomware and similar cyber attacks as terrorist attacks. This means that more funding and resources will be made available to combat and track down these cyber attacks and the people behind them. This would also results in the cooperation of multiple intelligence agencies to track down the perpetrators and possible sentencing to the same level now only reserved for terrorists.
The decision was made after another cyber attack hit the JBS SA (world’s largest meat-processing plant) over the last weekend. According to White House officials, intelligence agencies believe yet again that another Russian-based hackers group (REvil) is behind the large scale ransomware attacks on JBS SA. Similar attacks from hacking group Darkside paralysed Colonial Pipeline last month, a 5,500-mile pipeline that carries 45% of the fuel used on the East Coast. JBS plants are however coming back online but there is an expected impact on food supplies to consumers and restaurants that has yet to be fully felt.
The government has issued an internal guidance report sent to U.S. attorney’s offices across the country that contains new information and guidelines for ransomware investigations. It states that investigations will be coordinated from a national task force in Washington to which multiple intelligence agencies supply information on cyber attacks.
It’s a specialized process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain.John Carlin, acting deputy attorney general at the Justice Department
At the beginning of 2021, REvil took credit for hacking Taiwanese hardware supplier; Quanta Computer Inc. As a result of this hack REvil published classified blueprints for new Apple Products. In 2020 REvil was also responsible for a ransomware attack against a US law firm that the group claimed represented a variety of Donald Trump’s television enterprises. In 2019 REvil was responsible for interfering in elections by attacking Louisiana election clerks a week before Election Day.
Last month, hacking group Darkside, a group that U.S. authorities said operates from Russia, penetrated Colonial Pipelines network and paralyzed the system for days. They initiated a system wide shutdown of the 5,500-mile pipeline that carries 45% of the fuel used on the East Coast. The attack caused a spike in gas prices, panic buying and local fuel shortages.
Colonial CEO Joseph Blount told The Wallstreet Journal in an interview that he personally approved a $4.4 million ransom payment to Darkside in order to “release” the system. Blount told The Journal “it was the right thing to do for the country.” While many security experts and companies strongly urge never to pay a ransom because it will only encourage more attacks in the foreseeable future.
Next Step for DOJ
On Tuesday the U.S. Department of Agriculture made a statement saying that it “continues to work closely with the White House, Department of Homeland Security, JBS USA and others to monitor this situation closely and offer help and assistance to mitigate any potential supply or price issues.” Already coordinating with a Washington based task force.
The Department of Justice will continue to expand the Washington task force to incorporate more segments of existing intelligence agencies to combat cyber crime and classify increasingly new attacks as cyber terrorism.