The US will elevate ransomware investigations to a similar priority level as terrorism investigations

In the wake of the economically damaging ransomware attack on the Colonial Pipeline, the US Department of Justice will elevate investigations of ransomware attacks to a similar priority level as terrorism investigations, senior DOJ officials told Reuters. 

According to Reuters, internal guidance sent on Thursday to U.S. attorney’s offices stated that information about ransomware investigations in the field should be centrally coordinated with a recently created task force in Washington.

“We’ve used this model around terrorism before but never with ransomware,” acting deputy attorney general John Carlin told Reuters. 

The members of ransomware group behind the Colonial Pipeline attack, called DarkSide, are believed to be Russian. After seizing control of the Colonial Pipeline’s computer network, DarkSide demanded a ransom payment in BTC. In the stand-off period before Colonial paid the group 75 BTC, the southeast U.S. experienced widespread gasoline shortages and price spikes.

On Tuesday, a White House spokesperson signaled the Biden Administration's growing concern over ransomware, saying that "expanding cryptocurrency analysis" to trace ransomware-tied transactions would be a priority.

The Justice Department’s decision to push ransomware into the process generally reserved for high-level national security threats illustrates how the issue is being prioritized, U.S. officials told Reuters.