The Department of Justice (DoJ) is targeting increased efforts to fight ransomware-driven cyber attacks – amid a host of other improved cybersecurity approaches – as one of a number of new agency priority goals in DoJ’s 2022-2026 Strategic Plan published on July 1.
DoJ’s five-year plan lays out objectives for five broad strategic areas. The cybersecurity and ransomware-related objectives are included as an agency priority goal under the “Keep Our Country Safe” strategic objective.
Ransomware Targets
The agency is staking itself to the goals of enhancing efforts to combat ransomware attacks by:
- “increasing the percentage of reported ransomware incidents from which cases are opened, added to existing cases, or resolved or investigative actions are conducted within 72 hours to 65%;” and
- “increasing the number of ransomware matters in which seizures or forfeitures are occurring by 10%.”
DoJ is targeting reaching those goals by September 2023.
Expanded Cybersecurity Objectives
On the broader cybersecurity front, the Justice Department strategic plan also lists enhancing cybersecurity and fighting cybercrime as two important objectives, and breaks those down into several different objectives.
Under the strategy of “deter, disrupt, and prosecute cyber threats,” DoJ is pledging to:
- Bring to justice all attackers including lone actors, transnational criminal groups, and nation-state and terrorist-sponsored groups;
- Work to disrupt and dismantle online infrastructure used by attackers;
- Seize criminal proceeds from attacks; and
- Develop policies and prosecutions to execute on those aims.
“The department will address supply chain vulnerabilities, support other government agencies and the private sector, and identify new sources of evidence and intelligence,” in pursuit of that strategy, it said. “In addition, the department will continue to develop ways to attribute cyberattacks, to respond to and engage victims and targeted entities, and to provide intelligence to help victims recover and strengthen their defenses.”
“Finally, we will continue to develop our own cyber expertise by investing in recruitment, training, and capacity building,” the agency said.
DoJ said it also will strengthen its collaborations with agencies, overseas partners, and the private sector to fight cybercrime, aid attribution efforts, defend networks, and impose sanctions.
“The department will continue to strengthen relationships with, and build coalitions of, like-minded countries to work with the United States in combating cybercrime,” it explained. “The department will also leverage the National Cyber Investigative Joint Task Force (NCIJTF) for joint and sequenced operational planning.”
“In addition, because the private sector and academia manage the overwhelming majority of the nation’s critical infrastructure, research, and innovation, the department will work with these entities to improve information sharing and to encourage the reporting of suspected criminal and other hostile cyber activity,” DoJ said.
On the internal front, DoJ said it will undertake efforts to improve information security, and will “improve its use of multifactor authentication, encryption, and other security measures, both when communicating internally and when communicating with partners inside and outside the Federal government.”
Finally, DoJ said it will work with government and the private sector to share information that can help strengthen cyber defense and resilience, including through threat intelligence sharing and “targeted outreach.”
“We will also continue to support policy efforts to protect the digital supply chain, Federal information systems, and critical infrastructure against vulnerabilities,” DoJ said.