Skip links

US to attack cyber criminals first, ask questions later – if it protects victims

The United States Department of Justice (DoJ) has revealed new policies that may see it undertake pre-emptive action against cyber threats.

Revealed last week by deputy attorney general Lisa O. Monaco, in a speech at the Munich Cyber Security Conference, the policy will see prosecutors, agents and analysts assess “whether to use disruptive actions against cyber threats, even if they might otherwise tip the cybercriminals off and jeopardize the potential for charges and arrests.”

Such actions will be undertaken if the DoJ feels that action can reduce risks for victims. Monaco mentioned “providing decryptor keys or seizing servers used to further cyberattacks” as possible interventions.

It’s the rare cyber investigation that doesn’t have an international dimension

Monaco also wants sanctions and export controls used when appropriate – and not just those the DoJ or even the US can wield. She hopes “our international and private sector partners” can weigh in, too, and also wants DoJ people to work “at US Cyber Command and elsewhere, to achieve unity of purpose and unity of action.”

The deputy attorney general added that charging and apprehending cybercriminals “will still be a priority in cybercrime cases” but that different tactics are needed “when threat actors seek safe haven in rogue countries or work on behalf of a foreign government.”

Another DoJ initiative will try to get ahead of cryptocurrency abuse.

“It’s the rare cyber investigation that doesn’t have an international dimension,” Monaco said, announcing that prosecutors handling significant cyber investigations will henceforth be required to consult with DoJ’s international and cybercrime specialists “to identify international actions that might be able to help stop a threat.”

A new International Virtual Currency Initiative will therefore facilitate what Monaco described as “more joint international law enforcement operations – more eyes from multiple law enforcement agencies around the world – to track money through the blockchain.” The Initiative’s staff also get to do some education about financial regulations and anti-money laundering requirements, in the hope would-be abusers stay on the right side of the law.

Monaco also announced a Virtual Asset Exploitation Unit (VAXU) that “will combine cryptocurrency experts into one nerve center that can provide equipment, blockchain analysis, virtual asset seizure and training to the rest of the FBI.” The Unit will work alongside the FBI’s existing National Cryptocurrency Enforcement Team which, since its formation in late 2021, has grown to employ a dozen prosecutors and, as of last week, its first director – Eun Young Choi, who Monaco described as “a seasoned computer crimes prosecutor and a leader in the field.”

VAXU was announced in the context of the February 8 arrest of “tech entrepreneurs” Ilya Lichtenstein, 34, and Heather Morgan, 31 – a husband and wife team accused of conspiring to launder $4.5 billion in cryptocurrency allegedly lifted from Hong Kong crypto exchange Bitfinex in 2016.

Monaco said the effort to arrest the pair was a modern adaptation of a very old law enforcement technique: following the money. She assured her audience that VAXU’s formation shows the DoJ and the agencies it oversees are evolving to meet today’s threats. ®