Eyeing the increasing threat of damaging cyberattacks by hackers backed by hostile foreign states, the U.S. Justice Department (DOJ) on Tuesday announced the creation of the National Security Cyber Section — aka NatSec Cyber — within its National Security Division (NSD).
Hackers operating out of countries like China, Russia, and North Korea seek to cause disruption across a wide range of sectors, steal government and trade secrets, spy on targets, and raise revenue via extortion. Such nefarious activities have long been a concern for those overseeing U.S. national security, and the DOJ’s new unit aims to improve the efficiency of tackling the perpetrators’ operations.
“NatSec Cyber will give us the horsepower and organizational structure we need to carry out key roles of the department in this arena,” Assistant Attorney General Matthew G. Olsen of the DOJ’s NSD said in a release on Tuesday.
Olsen added that the new section will allow the NSD to “increase the scale and speed of disruption campaigns and prosecutions of nation-state threat actors, state-sponsored cybercriminals, associated money launderers, and other cyber-enabled threats to national security.”
He also noted that due to the highly complex nature of cyber threats, NatSec Cyber will function as an incubator for time-intensive and intricate investigative work for particular cases.
The new Cyber Section should also improve collaborative efforts with important partners such as the Criminal Division’s Computer Crimes and Intellectual Property Section and the FBI’s Cyber Division, the DOJ said.
The DOJ noted recent successes in its quest to take on cybercriminals, including the disruption of a long-running malware operation in May that enabled Russian spies to nab sensitive information from at least 50 countries, including NASA-member governments, prominent journalists, and other targets deemed to be of interest to the Russian government.
And in January, the DOJ revealed that the FBI had managed to disrupt the infamous ransomware gang Hive, which is responsible for multiple attacks globally targeting hospitals, school districts, financial firms, and critical infrastructure.