While no security officer would rely on this alone, it’s good to know the U.S. Department of Justice is increasing efforts to fight cyber crime. According to a recent address in Munich by Deputy Attorney General Lisa Monaco, new efforts will focus on ransomware and cryptocurrency incidents. This makes sense since the X-Force Threat Intelligence Index 2022 named ransomware as the top attack type in 2021.

What exactly is the DOJ doing to improve policing of cryptocurrency and other cyber crimes? What kinds of cyber crime cases have they solved already? And how might this impact a company’s security strategy?

National Cryptocurrency Enforcement Team Appoints Director

Monaco’s announcement included the naming of Assistant U.S. Attorney Eun Young Choi as the first Director of the National Cryptocurrency Enforcement Team (NCET).

“With the rapid innovation of digital assets and distributed ledger technologies, we have seen a rise in their illicit use by criminals who exploit them to fuel cyberattacks and ransomware and extortion schemes,” said Assistant Attorney General Kenneth A. Polite Jr. of the Justice Department’s Criminal Division. “The NCET will serve as the focal point for the department’s efforts to tackle the growth of crime involving these technologies. Eun Young is an accomplished leader on cyber and cryptocurrency issues, and I am pleased that she will continue her service as the NCET’s inaugural Director, spearheading the department’s efforts in this area.”

New NCET Director’s Track Record

According to the Justice Department, Director Choi worked as an assistant U.S. attorney for the Southern District of New York. There, she served as the office’s cyber crime coordinator. She investigated and prosecuted cyber, complex fraud and money laundering crimes. In particular, she focused on network intrusions, digital currency, the dark web and national security investigations.

In January 2021, Choi spearheaded an investigation that led to the prosecution of the Russian threat actor Andrei Tyurin.

One of the largest Wall Street breaches ever, the Tyurin criminal operation ran from 2012 to 2015. The incident affected organizations such as JPMorgan Chase, ETrade and The Wall Street Journal. After exfiltrating personally identifiable information, the criminals then promoted stocks to individuals in an attempt to pump up stock prices.

Prosecutors said the breach of JPMorgan Chase resulted in data stolen from 80 million customers. According to the DOJ, Tyurin cashed in on $19 million from his illicit operations. Thanks to the efforts of Choi, the FBI and several other agencies, Tyurin was sentenced to 12 years in prison.

The Complex World of Fighting Crypto Crime

The new agency already has a high-profile case under its belt. In February 2022, the NCET looked into a case against Ilya Lichtenstein and his wife, Heather Morgan. They were arrested for conspiring to launder $4.5 billion worth of cryptocurrency. The funds were allegedly stolen during the 2016 Bitfinex cryptocurrency exchange breach. As part of the investigation, more than $3.6 billion in cryptocurrency was seized, the largest DOJ crypto coin recovery to date.

According to court documents, unauthorized Bitfinex transactions sent stolen Bitcoin to Lichtenstein’s crypto wallet. Over a span of five years, about 25,000 stolen Bitcoin were transferred out of Lichtenstein’s wallet via a complex money laundering process.

In a statement about the case, Monaco said, “Today’s arrests, and the department’s largest financial seizure ever, show that cryptocurrency is not a safe haven for criminals. In a futile effort to maintain digital anonymity, the defendants laundered stolen funds through a labyrinth of cryptocurrency transactions. Thanks to the meticulous work of law enforcement, the department once again showed how it can and will follow the money, no matter what form it takes.”

“Today, federal law enforcement demonstrates once again that we can follow money through the blockchain, and that we will not allow cryptocurrency to be a safe haven for money laundering or a zone of lawlessness within our financial system,” said Assistant Attorney General Polite.

More DOJ Action Against Cyber Crime

Monaco cited a list of recent activities and future plans the DOJ has in store for threat actors:

  • Using traditional search warrants to execute code and erase digital backdoors
  • Helped dismantle the Emotet botnet (although Emotet has since returned)
  • Took down the world’s largest illegal marketplace on the darknet and arrested at least 150 darknet traffickers
  • Investigated more than 100 different ransomware variants, and targeted dozens of ransomware groups estimated to have caused billions of dollars in damage
  • In the wake of the attack on Kaseya, the FBI obtained decryptor keys so victims could unlock ransomed systems
  • Disrupted the REvil ransomware group with five arrests and the seizure of $6.1 million in alleged ransom payments
  • Created the Virtual Asset Exploitation Unit which combines cryptocurrency experts into one nerve center to provide equipment, blockchain analysis, virtual asset seizure and training to the FBI
  • Launching an International Virtual Currency Initiative to allow for joint, international law enforcement operations to track money through the blockchain. This will foster regulation and anti-money laundering requirements to root out the abuse of virtual currency.

Crypto Crime Disruption Efforts

Moving forward, during any investigation DOJ prosecutors, agents and analysts will also assess whether to use disruptive actions against cyber threats. They could use this tactic even if it might tip off threat actors and jeopardize the chance of arrest. Agents will assess whether they can prevent or reduce the risk to victims, such as by providing decryptor keys or seizing servers used by threat actors.

Is the Internet Safe Now?

The efforts of law enforcement are certainly welcome. Of course, no business is relying on the DOJ alone to protect against cyber threats. A good place to further check your security posture is the CISA Incident and Vulnerability Response Playbooks.

In Munich, Deputy Attorney General Monaco summed up her comments, saying, “And my message to cybercriminals is equally clear: the long arm of the law can — and now will — stretch much farther into cyberspace than you think. If you continue to come for us, we will come for you.”
