DOJ team

While no security officer would rely only on this, it’s encouraging to hear that the US Department of Justice is stepping up its efforts to combat cybercrime.

New efforts will focus on ransomware and cryptocurrency incidents, according to Deputy Attorney General Lisa Monaco’s recent address in Munich. This makes sense, given that ransomware was ranked the top attack type of 2021 in the X-Force Threat Intelligence Index 2022. What is the Department of Justice doing to strengthen its policing of bitcoin and other cybercrime? What types of cybercrime cases has it dealt with so far? What influence could this have on a company’s security strategy?

National Cryptocurrency Enforcement Team Appoints Director

The first Director of the National Cryptocurrency Enforcement Team (NCET), Assistant US Attorney Eun Young Choi, was named in Monaco’s announcement.

“We have observed an increase in the illegitimate use of digital assets and distributed ledger technology by criminals who exploit them to fuel hacks, ransomware, and extortion schemes,” said Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division.

“The NCET will be the focal point for the department’s efforts to combat the rise in technology-related crime. I am glad that Eun Young will remain as the NCET’s initial Director, spearheading the department’s efforts in this field.”

New NCET Director’s Track Record

Director Choi worked as an assistant US attorney for the Southern District of New York, according to the Justice Department. She was the office’s cyber-crime coordinator there. She investigated and prosecuted cases involving cybercrime, complicated fraud, and money laundering. She concentrated on network intrusions, digital money, the dark web, and national security investigations in particular.

Choi oversaw an investigation that resulted in the indictment of Russian threat actor Andrei Tyurin in January 2021. The Tyurin criminal enterprise, one of the largest ever on Wall Street, lasted from 2012 to 2015. JPMorgan Chase, E*Trade, and The Wall Street Journal were among the companies affected by the incident. Following the theft of personally identifiable information, the thieves attempted to inflate stock values by selling stocks to individuals.

According to prosecutors, the JPMorgan Chase breach resulted in the theft of data from 80 million clients. Tyurin made $19 million from his illegal activities, according to the DOJ. Tyurin was sentenced to 12 years in prison thanks to the efforts of Choi, the FBI, and several other agencies.

The Complex World of Fighting Crypto Crime

The new agency has already handled a high-profile case. The NCET investigated Ilya Lichtenstein and his wife, Heather Morgan, in February 2022. They were charged with attempting to launder $4.5 billion in cryptocurrency. The money was allegedly taken during the Bitfinex cryptocurrency exchange hack in 2016. More than $3.6 billion in cryptocurrency was confiscated as part of the investigation, making it the largest DOJ cryptocurrency recovery to date. According to court documents, unauthorized Bitfinex transactions moved stolen Bitcoin to Lichtenstein’s crypto wallet.

Approximately 25,000 stolen Bitcoin were transferred out of Lichtenstein’s wallet over the course of five years via a complicated money laundering mechanism. “Today’s arrests, and the department’s greatest financial seizure ever, illustrate that cryptocurrency is not a safe haven for criminals,” Monaco said in a statement regarding the case.

The accused attempted but failed to retain digital anonymity by laundering stolen funds through a maze of bitcoin transactions. Thanks to its thorough work, law enforcement once again demonstrated that it can and will chase the money, no matter what form it takes.

“Today, federal law enforcement proves once again that we can track money using the blockchain, and that we will not allow cryptocurrencies to become a shelter for money laundering or a lawless zone within our financial system,” said Assistant Attorney General Polite.

More DOJ Action Against Cyber Crime

Monaco listed the DOJ’s current operations and future plans against threat actors:

  • Executing code and erasing digital backdoors using typical search warrants
  • Helping to bring down the Emotet botnet (although Emotet has since returned)
  • Taking down the world’s largest criminal marketplace on the darknet and detaining at least 150 darknet traffickers
  • Investigating over 100 different ransomware variants and targeting dozens of ransomware gangs estimated to have caused billions of dollars in harm
  • Obtaining decryptor keys following the attack on Kaseya, so that ransomed computers could be unlocked
  • Bringing down the REvil ransomware organisation, with five arrests and the confiscation of $6.1 million in suspected ransom payments
  • Forming the Virtual Asset Exploitation Unit to bring together bitcoin experts in one place to assist the FBI with equipment, blockchain research, virtual asset seizure, and training
  • Launching an International Virtual Currency Initiative to allow cooperative international law enforcement operations to monitor money using blockchain technology. This will encourage legislation and anti-money laundering regulations to combat virtual currency exploitation.

Crypto Crime Disruption Efforts

Going forward, prosecutors, agents, and analysts at the Department of Justice will consider, during any investigation, whether to use disruptive actions against cyber threats. They could utilise this strategy even if it alerts threat actors and puts them in danger of being apprehended. Agents will determine whether they can prevent or mitigate the harm to victims by supplying decryptor keys or seizing threat actors’ servers.

Is the Internet Safe Now?

Law enforcement efforts are certainly appreciated. Of course, no company can rely solely on the DOJ to safeguard it from cyber dangers. The CISA Incident and Vulnerability Response Playbooks are a useful resource for double-checking your security posture.

“And my message to cybercriminals is equally clear: the long arm of the law can — and now will — go much further into cyberspace than you believe,” Deputy Attorney General Monaco said in Munich. “If you keep coming after us, we’ll come after you.”