Deputy AG Lisa Monaco is speaking now at the Munich Cybersecurity Conference.
“We're adapting old tools to use in new ways," she says, "while also designing novel techniques to use in our major cyber investigations.”
“We're adapting old tools to use in new ways," she says, "while also designing novel techniques to use in our major cyber investigations.”
Monaco: “The FBI is forming a specialized team dedicated to cryptocurrency, the Virtual Asset Exploitation Unit."
The team brings together cryptocurrency experts to "provide equipment, blockchain analysis, virtual asset seizure, and training to the rest of the FBI."
The team brings together cryptocurrency experts to "provide equipment, blockchain analysis, virtual asset seizure, and training to the rest of the FBI."
DOJ's National Cryptocurrency Enforcement Team now has a dozen prosecutors, Monaco says. And former AUSA Eun Young Choi, a senior counsel to Monaco, will be the team's first director. Choi oversaw the JPMorgan hack case.
Monaco says prosecutors handling "significant cyber investigations" now have to consult with DOJ's international and cybercrime experts "to identify international actions that might be able to help stop a threat."
DOJ is also creating a "cyber operations international liaison" position to help "up the tempo of international operations against top-tier cyber actors," Monaco says. This person will work from Europe "to ensure more connectivity between our law enforcement groups.”
DOJ is launching an "International Virtual Currency Initiative" that will facilitate more "joint international law enforcement operations" and "more eyes from multiple law enforcement agencies around the world to track money through the blockchain," Monaco says.
The Biden administration will also use the DOJ's international initiative to encourage other countries to improve their cryptocurrency regulations to crack down on rogue exchanges that facilitate ransomware payments.
From now on, Monaco says, "prosecutors, agents and analysts" will have to constantly assess "whether to use disruptive actions against cyber threats, even if they might otherwise tip the cyber criminals off and jeopardize the potential for charges and arrests."
Drawing a parallel between terrorism and cybercrime cases, Monaco says that a top priority must be making victims whole. Thus, "we will assess whether there are steps we can take to prevent or reduce the risk to victims" even if they jeopardize prosecutions.
This change could be a response to criticism of the FBI for keeping the REvil ransomware decryptor secret in order to keep investigating the group. washingtonpost.com/national-secur… Sharing the decryptor with Kaseya sooner might have mitigated the spread of that co's supply chain attack.
Asked what DOJ learned from its SolarWinds-related breach, Monaco says “We've got to be taking on exactly the same focus that we ask others to do and make it a C-suite–level issue.”
She says DOJ developed a cyber incident response playbook and will be testing and revising it.
She says DOJ developed a cyber incident response playbook and will be testing and revising it.
On Ukraine tensions, Monaco says she's "absolutely concerned" about spillover in cyberspace to U.S. targets. She notes that it's happened before, with NotPetya.
She adds that "companies of any size and of all sizes would be foolish not to be preparing right now."
She adds that "companies of any size and of all sizes would be foolish not to be preparing right now."
• • •
Missing some Tweet in this thread? You can try to
force a refresh
