U.S. Army General says for the first time that he has taken offensive measures against ransomware criminal organizations



Army General Paul Nakasone , commander of the U.S. Cyber Command and Secretary of the National Security Agency (NSA), said in an interview with The New York Times in a big letter, 'We are taking steps against ransomware criminal organizations. '. This statement is widely reported as the first public recognition of military action against ransomware by US military generals.

US Military Has Acted Against Ransomware Groups, General Acknowledges --The New York Times
https://www.nytimes.com/2021/12/05/us/politics/us-military-ransomware-cyber-command.html



Russia could launch digital offensive against Ukraine, administration official warns --The Record by Recorded Future
https://therecord.media/russia-could-launch-digital-offensive-against-ukraine-administration-official-warns/

Cyber Command boss acknowledges US military actions against ransomware groups --CyberScoop
https://www.cyberscoop.com/naksone-cyber-command-ransomware/

According to General Nakasone, as of March 2021, the government was aware that ransomware attacks were the responsibility of law enforcement agencies (not the military). But then, Colonial Pipeline has stopped the operation, which operates America's largest oil pipeline by ransomware attack single item received or, a single item of the world's largest meat processing companies JBS has stopped temporarily all plants in the United States , 'A series of ransomware attacks are targeting critical domestic infrastructure,' he said.

The world's largest meat company, JBS, was attacked by ransomware, and all beef factories in the United States were shut down.



Thus, under the government's view that ransomware attacks require a more aggressive and collaborative approach, cyber forces, the NSA, and other government agencies have gathered threat intelligence on ransomware criminal organizations, not only from the U.S. government but also internationally. He is in charge of sharing understanding with his partner.

General Nakasone declined to say anything about the details of the military actions he had already taken or the targeted organizations, but said one of the goals was to 'make the ransomware criminals cost money.' 'We have been, now, and in the future, working with various government agencies and making them costly. This is an important factor we should always keep in mind.' I explained.

The New York Times is a prime example of this 'costing' approach to the Russian-based ransomware criminal organization REvil. In September 2021, the U.S. Cyber Command carried out an operation to divert traffic to the server used by REvil after an ally government-affiliated hacker broke into REvil's server and made it difficult to collect ransom. .. It is said that this operation was able to temporarily suspend REvil's activities in the United States.



However, The New York Times states that 'the effectiveness of the series of operations against ransomware criminal organizations is not consistent among government agencies.' According to The New York Times, NSA officials said 'activities by Russian organizations have diminished,' while FBI officials have expressed skepticism, and General Nakasone said 'US defense against ransomware attacks.' The power is on the updraft, but the enemy is also modifying the strategy and continuing to attack. '

General Nakasone said that attacks such as ransomware by cybercriminal organizations are likely to continue, and that it is also likely that U.S. infrastructure will be targeted in future military conflicts. It's the world I live in now. '

In addition, Biden president and Russian President Vladimir Putin of the United States to open the online meeting in 2021 December 7 schedule . Reportedly, the talks will also address the mitigation of military tensions over Ukraine, as well as cyber attacks.

in Security, Posted by darkhorse_log