The White House has a dedicated ransomware task force that would focus on combating cyberattacks and double down on tracing cryptocurrency transactions involved in them, sources told Bloomberg today.
Per the report, the topic was discussed during a virtual briefing with members of Congress yesterday. As part of the planned effort, the new unit will analyze and trace crypto transfers that affected companies and institutions have sent—or will send—to perpetrators of ransomware attacks.
Notably, such assaults proved to be highly disruptive and harmful even to large international companies. One of the most high-profile recent examples is the attack on Colonial Pipeline, an American gasoline pipeline firm, that resulted in fuel shortages across the Southeastern United States.
In the end, the company reportedly paid the hacker group known as DarkSide “nearly $5 million” in “untraceable cryptocurrency.” However, federal authorities ultimately managed to recover around $4.4 million worth of the sent.
In another instance, JBS USA Holdings Inc., one of the world’s largest food processors, paid $11 million in Bitcoin to ransomware attackers in mid-June. In response, the U.S. Department of Justice switched the status of ransomware attacks to the same priority level as terrorism.
During yesterday’s virtual briefing, deputy national security adviser Anne Neuberger also said that apart from the task force, the administration is also working on a new strategy that includes efforts to disrupt ransomware attacks, quell the use of Bitcoin and other cryptocurrencies for such illegal activities, and work with other nations to convince them not to harbor cybercriminals.
Simultaneously, the State Department also considers launching a new bounty program that will offer rewards up to $10 million for information that would result in the identification of alleged cybercriminals, according to Politico’s report. The program will be predominantly aimed at hackers involved in attacks on critical infrastructure, the administration official told the outlet.
Interestingly, the notorious hacking group REvil—which was responsible for some of the recent high-profile ransomware attacks—literally disappeared from the face of the Internet on Tuesday.