The U.S. Department of Justice’s (DoJ) approach to disrupting and preventing cybercrime was unveiled by U.S. Deputy Attorney General Lisa Monaco during the opening keynote of the RSA 2023 conference.
Monaco emphasized that the DoJ has evolved its approach in recent years to tackle the burgeoning cyber threats to the government and the wider economy. This revolves around “putting the victim at the center” rather than measuring success by prosecuting cyberthreat actors through the courts.
Monaco emphasized that the DoJ’s success in recovering millions of dollars worth of Bitcoin paid to attackers after the Colonial Pipeline attacks in May 2021 is an example of this approach. In this case, instead of blaming the victims of the incident, action was taken to trace the money paid in cryptocurrencies.
Another example is the takedown of the Hive ransomware gang’s infrastructure by international law enforcement in January 2023. This gave the government access to the group’s computer network, allowing the agency to obtain the decryption keys and distribute them to her Hive victims around the world. Monaco said it was a long and patient operation and a “modern cyber stakeout”.
Read more: #RSAC: Cyber-intrusion campaign against three US federal agencies thwarted
She emphasized that such operations are only possible through cooperation. We urged victim organizations to contact the DoJ to achieve similar results.
“It’s good for business and good for America because you can help prevent the next attack,” she said.
Monaco highlighted the recent conviction of former Uber CISO Joe Sullivan, who was charged with his intentional act of misleading the Federal Trade Commission (FTC) about the nature of the case.
She said CISOs should never delay engaging the federal government in a case.
