The United States Cyber Command has publicly recognized the use of offensive actions (cyberattacks) in order to neutralize cybercriminal groups that attacked American companies using ransomware programs.
The Head of Cyber Command and director of the National Security Agency Paul Nakasone, in an interview with the New York Times, declined to elaborate on exactly what action the team of experts took. The US military’s computer operatives are increasingly willing to hack into criminals, not just statesmen who pose a threat to critical US infrastructure. But this is one of the first unequivocal evidence from Cyber Command that the agency is targeting criminal groups that hold the computer systems of American enterprises as “hostages.”
US government security officials have begun to actively pursue ransomware groups after attackers hacked into the networks of the fuel giant Colonial Pipeline and the world’s largest meat producer JBS earlier this year.
According to Paul Nakasone, the US government launched offensive actions against ransomware operators, including trying to cut off funding sources for hackers.
The US government’s counteractions against ransomware groups, many of which are based in Eastern Europe and Russia, also include indicting alleged extortionists and sanctioning cryptocurrency exchanges accused of laundering money for hackers.
However, it is not only the US government that has decided to use more aggressive measures against ransomware. The UK Government Liaison Center has announced plans to use national cyber forces formed last year to hack and pursue ransomware groups.
While the details of such operations are usually kept secret, they usually involve blocking criminals’ phone signals or interfering with their servers.