High-profile ransomware attacks — some the FBI have tentatively attributed to Russian hackers — have provoked the kind of response none of us should be in any hurry to welcome. But it’s been coming to this point for years.
Malicious hacking efforts — some of them targeting government agencies — have been normal for as long as we’ve had computers and networks. And it’s something our own surveillance agencies engage in, whether to search for terrorists or to simply cripple foreign governments. Throughout it all, there’s been a steady call by some legislators and officials to turn cyber wars into actual wars. Or, at the very least, allow US government agencies to engage in more offensive hacking efforts, rather than simply play defense.
War — or anything a government can call a “war” — is the one simple trick governments use to obtain more power for themselves at the expense of the rights of those they serve. That’s why the War on Drugs and the War on Terror are more known for mass imprisonment and mass surveillance than any solid victories over the concepts and products the US has declared war against.
The U.S. Department of Justice plans to take a much harsher approach when pursuing cybercriminals involved in ransomware attacks—and will investigate them using strategies similar to those currently employed against foreign and domestic terrorists.
The new internal guidelines, previously reported by Reuters, were passed down to U.S. attorney’s offices throughout the country on Thursday, outlining a more coordinated approach to investigating attacks. The new guidance includes a stipulation that such investigations be “centrally coordinated” with the newly created task force on ransomware run by the Justice Department in Washington, DC.
This equation of ransomware with terrorism was made explicit by the acting deputy attorney general, who told Reuters this “model” has been used to handle terrorism investigations but not for malicious cyberattacks.
What this means is information will be shared with other agencies as well as oversight and legislators whenever investigators, analysts, and private sector requests for assistance involve ransomware or other online threats, like botnets and forums selling hacking tools and stolen credentials.
What this will mean in practice remains to be seen. The War on Terror hasn’t exactly boosted anyone’s confidence in the federal government’s ability to respond effectively or appropriately to this omnipresent threat. It has saddled us with the TSA and dozens of useless “Fusion Centers.” It has created an FBI cottage industry that allows informants to radicalize random citizens into 20-year prison sentences using tactics that often appear to cross the line into entrapment. It has expanded the buying power of the military and allowed local law enforcement to wield its hand-me-downs against American citizens. It has expanded the reach and grasp of multiple intelligence agencies — some of which have had their own hacking tools leaked/purloined and wielded by the same state-sponsored hackers and cybercriminals these agencies were supposed to be taking down.
Without a doubt, ransomware is a threat to Americans. It has crippled major industry players, resulting in panic buying and price spikes following production dips and logistics nightmares. And it’s only a matter of time before critical systems and agencies are held hostage at virtual gunpoint until ransoms are paid. But considering the underlying infrastructure that allows ransomware attacks to take place is also something millions of non-criminals around the world use regularly, allowing the government to treat the greatest communication tool ever invented as Terrorist HQ isn’t likely to make it better or safer for anyone using it.