The Department of Justice’s Office of the Inspector General has assessed DOJ’s strategy to counter and respond to ransomware attacks and related threats and recommended that the department improve its metrics for tracking the progress of its disruptive activities against threat actors.
OIG said Wednesday it found that DOJ’s existing metrics did not account for the department’s transition from indictments and arrests to actions to disrupt ransomware threat actors and the cybercriminal ecosystem.
“Regardless of whether the Department maintains ransomware as a priority goal, it should determine which metrics are most impactful to ensure they capture the effectiveness of its actions to combat the ransomware threat,” the OIG report reads.
According to the report, the FBI and the DOJ Criminal Division’s Computer Crime and Intellectual Property Section—or CCIPS—have prioritized the threat posed by ransomware and allotted resources to combat it. For instance, the bureau created a ransomware strategy designed to target the threat actors, finances and infrastructure supporting the ransomware ecosystem.
The OIG report also called on the Office of the Deputy Attorney General to evaluate the implementation of its deconfliction policy in ransomware cases to help ensure consistency when it comes to compliance and implementation.
According to the document, the FBI should better define the role of the National Cyber Investigative Joint Task Force Criminal Mission Center to ensure the effectiveness of its efforts.