Who Is Looking Over Your Online Shoulder?
The 1992 movie Sneakers starred Robert Redford, Dan Aykroyd, and Sidney Poitier as professional hackers who are tracked down by an FBI team led by James Earl Jones. Real life proved to be about as risky for both professional and amateur hackers.
Beginning in 1999, the FBI conducted a 2-year operation to ferret out a small group of hackers as part of a national security investigation. That operation opened doors into the secretive hacker community for the agency.
Whereas the Bureau started out pretending to be hackers, even running a forum for hackers, its techniques and tools evolved over time. By 2014, when Georgia Tech and other universities were hacked by 2 men living in Kuala Lumpur, the FBI was able to track them down quickly without having to impersonate anyone.
When a Florida teenager hacked into Twitter in May 2020, the FBI swiftly reconstructed events of the hack once called in to investigate. Although the hack was amateurish at best (the hackers made many mistakes), it garnered a lot of publicity because it was so brazen.
Cybersecurity has always been important. The U.S. and British governments built their first digital computers in secrecy at high-security labs during the Second World War. They didn’t want anyone prying into their operations, for obvious reasons.
As private industry adopted and expanded the use of digital computers from the 1950s through the 1970s, they only needed to restrict physical access to their networks. The Internet, first created in 1969, grew slowly until the 1990s. It was the advent of the World Wide Web that opened up the world to hackers of all ages and backgrounds.
Cybersecurity matured almost overnight, growing up from secretive defense and industrial processes to wide-ranging online practices. Everyone had to begin thinking about passwords and who was connecting to their computers. The fantasy of movies became reality rapidly. But the FBI’s cybersecurity capabilities grew alongside the skills of the hackers.
There are more tools than ever before. Computer networks are larger, faster, more powerful, and more secure than ever before. And the world is both a battleground and a playing field for professional, state-level actors and criminals, and amateur sleuths and hackers. Some of today’s amateurs will become tomorrow’s cyber supervillains and superheroes. But the Department of Justice will be right there with them.
What Is the Department of Justice Doing about Cybersecurity?
The Department of Justice (DOJ) has taken action against growing domestic and foreign threats of cyberattacks. While cybersecurity has been a priority for several years, the DOJ has recently intensified its counteroffensive.
Read on to learn how the DOJ addresses cybersecurity, what it’s been doing to tackle it, and what’s next in the war on cybercriminals.
How the DOJ Handles Its National Cybersecurity Responsibilities
The DOJ’s Cybersecurity Unit provides legal advice and guidance regarding the impact of illegal surveillance and computer fraud on the nation’s cybersecurity. One of the agency’s goals is to ensure that law enforcement at all levels holds criminals accountable for cyberattacks through the criminal justice system.
DOJ attorneys assist in crafting legislation designed to address public cybersecurity concerns, helping strengthen computer networks that support businesses and individual users across the country. The Cybersecurity Unit supports the private sector through advice and direction regarding how best to strengthen an organization’s cyber defenses, as well as its options within the legal system.
What the Department of Justice Has Done Recently for Cybersecurity
“Cybersecurity is national security” is the U.S. government’s new mantra across both civilian and military agencies.
One recent Department of Justice initiative complies with President Joe Biden’s executive order to leverage the authority of the U.S. government to address cybersecurity. The DOJ initiative is built on the foundation of the False Claims Act (FCA), a statute written in 1863—long before cybersecurity was part of the daily conversation—to stop people and companies from defrauding the U.S. government.
The DOJ strategy leverages the FCA in three different ways:
- To pursue companies that knowingly fall out of compliance with cybersecurity standards
- To hold companies accountable for misrepresenting their internal cybersecurity measures
- To prosecute companies that fail to report cybersecurity incidents in a timely fashion
The FCA includes a provision to protect whistleblowers who come forward and work with the Department of Justice. They get the opportunity to share in the proceeds the government gets from any legal action taken against an erring company.
On another front, the DOJ is also pursuing zero-trust projects, as it made public during the Fortinet Security Transformation Summit organized by news outlet FedScoop. Using these kinds of proactive approaches to cybersecurity, the Department of Justice mimics the success it earned when it partnered with TRM Labs, a blockchain company that targets cybercriminals, to take down the thieves who stole $4.5 billion of cryptocurrency.
How the Department of Justice Helps to Fight Cybersecurity Fraud
The DOJ’s zero-trust initiative involves launching as many as 10 projects with a variety of vendors—all focused on implementing zero-trust security models. These projects utilize open application programming interfaces (APIs) to bolster the DOJ’s digital infrastructure. These APIs, which are predesigned tools that can work within current applications, allow the department to streamline the development of cyber defense mechanisms.
Zero-trust networks assume that every connecting person, network, application, and device is a potential threat—and therefore block them from accessing the networks or particular subsystems. Using APIs to put these kinds of protocols in place makes it faster and easier for the DOJ to implement zero-trust policies across its network. APIs also streamline the process of testing and adjusting different implementation strategies.
Measures Improving Cybersecurity Fraud and Cryptocurrency Enforcement
The Department of Justice also recently announced two specific measures designed to make the nation’s cyber defenses more effective against new and emerging threats: the Civil Cyber-Fraud Initiative and the National Cryptocurrency Enforcement Team.
The Civil Cyber-Fraud Initiative targets cyber threats faced by government grant recipients and contractors. It leverages the power of the False Claims Act to levy penalties against companies and people that either fail to protect their computers and networks, misrepresent the ways in which they address cybersecurity, or violate incident reporting regulations.
For instance, suppose a medical research facility had been contracted by the U.S. government to produce a vaccine to combat a new strain of COVID. The company uses patient data to inform its development process and needs to protect this from exfiltration by hackers. If they fail to securely store the data and make it vulnerable, the DOJ could hold them accountable in court—whether or not they get breached.
The National Cryptocurrency Enforcement Team has a more specific objective. It has been set up to go after cryptocurrency exchanges and others that facilitate the abuse of cryptocurrency. For example, if a crypto exchange takes bitcoin from a criminal and uses the anonymity of the blockchain to facilitate converting it from BTC to ETH, the exchange could be held legally accountable.
Cyber Crime Is A High Priority for the Department of Justice
By using a combination of Lincoln-era legislation and cutting-edge initiatives, the DOJ is tackling cybersecurity head-on. Violating the False Claims Act, for instance, leaves an organization liable not only for three times the total damages included in the suit, but also for additional penalties for each violation. This functions as a significant financial deterrent for companies that may consider letting their cybersecurity defenses down.
Similarly, an exchange or other entity that fails to perform its due diligence when dealing with customers may end up in the DOJ’s crosshairs. While know-your-client (KYC) measures have been frowned upon by the crypto community, which advocates anonymity, this stance could put them at risk of damaging lawsuits.
The DOJ’s initiatives are a sobering reminder for companies, big and small, to remain vigilant against cyber threats. This is particularly true because many organizations could become involved in a contract with the government. This could put their cyber defense strategies under microscopic scrutiny, particularly if they have to deal with sensitive data and systems. Therefore, it’s prudent for all organizations to tighten their cybersecurity belts to protect both their internal systems and employees—and the cybersecurity of the entire nation, in the process.