Justice Department launches a National Cryptocurrency Enforcement Team
Deputy Attorney General Lisa Monaco announced the launch of a National Cryptocurrency Enforcement Team at the Department of Justice Wednesday to go after criminals who target cryptocurrency marketplaces and use digital coins to launder money. Although Monaco didn’t explain the exact structure of the team, she linked its creation to the department’s history of securities enforcement and the reliance of ransomware gangs on cryptocurrencies.
“If cryptocurrency exchanges want to be the banks of the future, we need to make sure people can have confidence in these systems,” she said during an interview at the Aspen Cyber Summit. Major cryptocurrency exchange Coinbase recently disclosed that more than 6,000 of its users were robbed after attackers leveraged a vulnerability in its SMS-based two-factor authentication process to break into their accounts.
Monaco also connected oversight of the sector with the rise of ransomware gangs, who typically hold systems hostage in exchange for Bitcoin or other more difficult to track cryptocurrencies. The team will seek to “strengthen our capacity to disable these financial markets that allow criminals to flourish,” according to Monaco.
Monaco said she was “struck by how broad” the ransomware threat landscape is today.
“We know the FBI is investigating more than 100 ransomware variants” that have affected more than 1,000 victims, Monaco said. The Justice Department launched an internal taskforce on ransomware in April and in June, Monaco directed U.S. federal prosecutors to centrally report all ransomware related incidents they encounter.
“We want the same national awareness and big picture” insight into the scope of ransomware as other key national security issues like terrorism, Monaco said Wednesday.
Monaco also announced a Civil Cyber Fraud initiative to crack down on federal contractors who fail to follow cybersecurity best practices during her remarks. The government will be hitting contractors who falsely claim to be securing systems properly with “very hefty fines” via the False Claims Act and working with whistleblowers.