Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • The Security Leadership Issue
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Newswire

What the DOJ's involvement in cyberattacks means for the future of ransomware

ransomware and the DOJ involvement
August 13, 2021

As businesses transitioned to remote work amid the COVID-19 pandemic, ransomware attacks became a key issue that business leaders were forced to increasingly prioritize. With ransomware attacks ramping up in frequency in the remote environment – most notably, the recent breaches of the Colonial Pipeline and JBS Foods – cybersecurity has become even more of a national security concern, forcing government action from the Department of Justice (DOJ). While the DOJ did not previously play a prominent role in responding to, or assisting with, ransomware attacks of private entities, now that they are threatening critical U.S. infrastructure systems and adversely impacting the economy, the government has been forced to take action. 

As the U.S. Government takes a more prominent role in helping private entities prepare for and respond to cyberattacks, and the government is more highly prioritizing cybersecurity measures, business leaders need to also make cybersecurity a top issue within their own organizations and understand how ransomware is going to evolve moving forward. At a fundamental level, they must have an understanding of what’s at stake if business operations are breached. As businesses navigate this new frontier, there are a number of key issues that they should consider, both for implementing their own cybersecurity protections, as well as adjusting expectations for government involvement in cyberattacks moving forward. 

  1. Business leaders must take ownership of cyber threats

To begin preparing for cyber threats, it is critical that business leaders first accept the reality that, for many organizations, cyber constitutes the number one risk to businesses at this time. This will likely remain the case over the coming months as business operations are vulnerable in the transition to the next phase of work. Cybersecurity awareness and protections must be implemented at every level of the business, including at the leadership level. Once business leaders understand the critical nature of cyber threats, they should make business decisions with cybersecurity in mind in order to better position the organization to prepare for and handle a potential ransomware attack. 

While cyberattacks can’t always be prevented, especially in the increasingly digital business world, there are steps organizations can take to protect employees and sensitive company information, starting first by allocating necessary budget to implement cyber protection programs. Organizations should place strong emphasis on training and awareness campaigns for their entire workforce, employ sufficient endpoint detection and network monitoring tools, limit administrative rights on devices, and generally empower their cyber security function to drive a culture of accountability and security awareness throughout the enterprise.

In addition to preparing their own organizations for cyberattacks, it’s critical that business leaders collaborate with other organizations both within and outside of their industry to prevent attacks. Businesses across all industries are falling victim to cyberattacks, and business leaders can learn from one another and collectively work together to limit digital threats. 

  1. Business risks of DOJ’s involvement in cyberattacks

Cyberattacks pose several major risks for businesses, including financial and operational threats. The DOJ’s involvement in a ransomware attack could take many forms, depending on the size of the attack and the available resources. While the DOJ’s involvement may be helpful, the introduction of any external element into a company’s network inherently introduces risk. A far better strategy is to develop a sound cyber security program that would prevent the need for the DOJ to even step in at all.

Additionally, businesses can prepare for the DOJ’s changing role in cybersecurity by investing in legal support in-house that can help to manage a cyberattack or breach within the organization. Legal counsel can also assist with the government’s potential involvement in a situation. By identifying outside legal consultants that are skilled in the cyber domain, business leaders will feel more comfortable and prepared when stepping into the decision-making process in the event of an attack. 

  1. Future of ransomware

The DOJ’s involvement with cyberattacks and its emphasis on ransomware is a signal that cyber threats in the U.S. are worsening, and organizations are more vulnerable to cybersecurity issues as attackers gain more confidence. There are a number of ways businesses can expect ransomware to evolve moving forward, including decreased reliance on bitcoin for ransom payment and a movement to more privacy-focused cryptocurrencies like Monero. Additionally, business leaders should prepare for a secondary extortion market where a company might get extorted again after another attacker finds or purchases stolen data from an initial attack – this could result in the new attacker asking for more money to prevent additional disclosures. In order to avoid a secondary attack, business leaders must understand that once data is gone, it’s gone. 

An important component of cybersecurity protections is education. Cybersecurity programs do not have to be made overly complicated, and organizations can protect themselves by focusing on the fundamentals – sufficient technical controls, sound policies and procedures, training & awareness, and validation and auditing measures. In addition to informing employees of vulnerable areas, business leaders should implement a system within their organizations to encourage employees to report incidents of phishing. This system of reporting can help to bring awareness to the issue for other employees and give the cyber team a chance to preempt future phishing or ransomware attempts.  

  1. The responsibility of the U.S. government to protect against cyberattacks

The DOJ’s involvement in cyberattacks is new, and it appears that the Colonial Pipeline incident was one of the first times the FBI was publicly involved in the cyberattack of a private entity. This is hopefully a harbinger of things to come, as the U.S. government should take a more active role in defending the country from ransomware attacks. That being said, business leaders of small and mid-sized companies should not expect to receive help from the government. The DOJ has limited resources and they will likely be reserved for high-impact attacks and those against critical infrastructure, as with the Colonial Pipeline. 

As businesses ramp up their digital transformation efforts, the government should develop a set of minimum guidelines for cybersecurity protections across the U.S. economy. The DOJ will not be able to get involved and assist every company that experiences an attack, but by strongly urging companies to implement basic cyber controls, it would radically reduce the levels of cyberattacks many businesses are experiencing. Additionally, at times the government has the ability to actively disrupt cyberattacks in progress, and even remediate critical vulnerabilities in digital infrastructure, which we saw earlier this year when the FBI conducted a court-authorized action to resolve a vulnerability with Microsoft Exchange. Many businesses are too far behind the curve on cyber preparedness, and this encouragement from the U.S. government would give many businesses the push they need to take action and prepare for cyberattacks. 

Businesses need to take extra measures to protect themselves from ransomware attacks moving forward as it’s unlikely that the government will share tactics or technologies with private entities. It’s unclear what resources were used during the Colonial Pipeline situation, but it was likely a capability that’s only available to the government – this is another reason why a higher capable actor would avoid using bitcoin to pay ransoms moving forward as it’s becoming harder to “hide” on the bitcoin public ledger. The government’s lack of involvement shouldn’t deter companies from implementing cyber protections: The bottom-line benefits of implementing programs outweighs the potential financial fallout that would take place if a company were to experience an attack.  

The past year has challenged businesses in unprecedented ways. It’s critical that organizations take concrete steps toward ransomware protection to bypass avoidable challenges, including government involvement and the loss of important company data. By recognizing the threat of cyberattacks, understanding the risks associated with them, and identifying the vulnerable areas within the organization, businesses will be best positioned to handle an ever-increasing volume of cybersecurity concerns.

 

KEYWORDS: cyber security cybersecurity preparedness ransomware

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cyber Tactics Column
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Fountain pen

Trump Administration Executive Order Changes Cybersecurity Policy

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • ukraine protest

    What the Russian invasion of Ukraine means for cybersecurity

    See More
  • cybersecurity and phishing

    DOJ charges two men for involvement in hacking of NFL and NBA players social media accounts

    See More
  • data-center

    What the Zerologon vulnerability means for the state of enterprise security

    See More

Related Products

See More Products
  • databasehacker

    The Database Hacker's Handboo

See More Products

Events

View AllSubmit An Event
  • November 14, 2024

    Best Practices for Integrating AI Responsibly

    ON DEMAND: Discover how artificial intelligence is reshaping the business landscape. AI holds immense potential to revolutionize industries, but with it comes complex questions about its risks and rewards.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!