The impact of recent ransomware attacks on critical infrastructure in USA prompted a backlash from the prosecutor's office.
An internal letter states that all inquiries for ransomware they should be centrally coordinated by an established working group recently in Washington.
According to Reuters, the internal letter he says:
"To ensure that we can make the necessary connections between national, global affairs and research, which will allow us to develop a comprehensive picture of the national and economic threats we face, we need to strengthen and consolidate our internal monitoring."
This model researchand cooperation is only used in a few areas related to national security, e.g. terrorism. According to US officials, this shows how the ransomware issue is being given immediate priority.
According to Reuters, this means that investigators will have to share details of the case and active technical information with a team led by the Washington investigation. It also means they will have guidance from Washington on how to proceed. If the new model is implemented, it will probably lead to a better understanding of the ransomware landscape.
In his recent executive order to improve cyber security, President Biden has already pointed out that the United States is facing persistent and increasingly sophisticated cyber malware campaigns. The second part of the letter entitled "Removing barriers to the sharing of threat information" seems to be starting a new collaboration.
This is an international collaboration called Task Force Ransomware (RTF). It is a think tank consisting of more than 60 volunteer experts representing organizations, industries and governments. In his report (PDFRTF recommends that any ransomware be treated as a threat to national security.
“Software attacks have shut down operations of critical national assets, including military installations. In 2019, a ransomware attack halted operations of the US Coast Guard for 30 hours, and in February 2020, a ransomware attack on a natural gas pipeline operator disrupted operations for two days. Attacks on the energy grid, nuclear plants, waste treatment facilities or any number of critical assets could have catastrophic consequences, including human casualties.”
