Skip to main content
Menu Icon
Close

InfoBytes Blog

Financial Services Law Insights and Observations

DOJ reports on cybersecurity and announces seizure of $500,000 from hackers

Privacy, Cyber Risk & Data Security DOJ Cryptocurrency Enforcement Cyber Risk & Data Security

Privacy, Cyber Risk & Data Security

On July 19, Deputy Attorney General Lisa O. Monaco spoke before the International Conference on Cyber Security (ICCS) 2022 regarding DOJ’s efforts to combat the increase of cyberattacks. Monaco also announced the release of the Comprehensive Cyber Review, which reflects “the need to prioritize prevention, to ensure we are doing all we can to help victims, and above all else – to use all the tools at our disposal, working with partners here and around the globe, across the government and across the private sector.” The report noted that the “failure of certain technology companies” to meet their legal obligations “is a major factor in allowing criminals to escape detection and apprehension.” The report also noted that over the last decade,” companies have “proactively taken independent actions” against cybercriminals without prior coordination with U.S. law enforcement officials. The report argues that “there is no reason that criminal activities in the cyber context should be handled differently than in the real world, where it would almost be unheard of for private companies to observe criminal activity” without informing law enforcement as soon as possible and then working with law enforcement to further identify and disrupt the criminal activity. The report recommends that the Justice Department and U.S. technology companies “develop a voluntary set of principles regarding the proactive and systematic reporting of cybercriminal activities using their platforms.”

Monaco also announced that the FBI and DOJ “disrupted” a North Korean state-sponsored hacking group that targeted U.S. medical facilities and other public health sector organizations. According to the DOJ’s press release, the Department seized $500,000 in cryptocurrency paid as ransom to North Korean hackers who used a ransomware strain to encrypt the files and servers of a medical center in Kansas. After more than a week of being unable to access encrypted servers, the Kansas hospital paid approximately $100,000 in Bitcoin to regain the use of their computers and equipment. Because the Kansas medical center notified the FBI and cooperated with law enforcement, the FBI was able to identify the never-before-seen North Korean ransomware and trace the cryptocurrency to China-based money launderers.