New DOJ unit will focus on prosecuting nation-state cybercrime

The U.S. Department of Justice is adding a new section to its National Security Division that will focus on prosecuting malicious foreign cyber activity, a top department official announced Tuesday, as the department seeks to take a more active role in combating digital threats from outside the country.

The entity will allow the division to “increase the scale and speed of our disruption campaigns and prosecutions of nation-state cyberthreats as well as state-sponsored cyber criminals,” Assistant Attorney General Matthew Olsen, the division’s chief, said during an event at the Hoover Institution in Washington.

The computer crimes section in the department’s Criminal Division will remain in place. The new National Security Cyber Section will boast prosecutors who are “positioned to act quickly as soon as the FBI or an [intelligence community] partner identifies a cyber enabled threat and we will be in a position to support investigations and disruption,” he added, noting the effort is in its “earliest stages.”

The decision to put cyber on equal footing with the division’s three existing sections comes as the DOJ has ramped up its own efforts to defeat botnets, contain or eliminate malware outbreaks and pursue digital criminals around the globe.

An example of the DOJ’s more aggressive approach came last month when U.S. and international authorities announced they had completed an operation to disrupt a sophisticated malware implant used by Russian hackers for nearly two decades.

Earlier this year, DOJ and the FBI announced they had dismantled the infrastructure of the notorious Hive ransomware group.

Despite those and other successes, DOJ has been “sort of fighting above our weight class,” according to Olsen.

“We're having an impact but we're doing so with just a small handful of prosecutors and we need to take advantage of some of the expertise that we've developed and some of the efforts that we've proven to have been effective over the past few years,” he said.

Olsen did not say what the new section’s budget would be or how many prosecutors would ultimately be added to its roster.

He said the section would “mirror” the structure of the FBI’s cyber division, with its leadership organized by geographical threat. That, in turn, will allow officials to develop deeper expertise and recognize the types of tools different threat actors utilize — and start potential legal efforts against them — faster.

Olsen said the new section would work closely with the department’s Criminal Division, which has long worked on cybercrimes like network intrusions and other malicious activities.

“Our cyber adversaries are innovative and constantly adjusting their tactics to hide from our investigators and overcome our network defenders,” he told the audience. “So the National Security Division is committed to matching our adversaries by adapting our tactics and our organization.”