DoJ’s New Cyber Unit to Focus on Nation-State Cybercrimes

The U.S. Department of Justice unveiled a new team – the National Security Cyber Section – to disrupt nation-state threat actors and prosecute them at the “earliest stages.” NatSec Cyber will work closely with the DOJ’s Computer Crime and Intellectual Property Section.

See Also: OnDemand Webinar | Learn Why CISOs Are Embracing These Top ASM Use Cases Now

NatSec Cyber is part of the department’s National Security Division focused on scaling and speeding up disruption campaigns and prosecutions of nation-state actors for a wide range of crimes including “stealing sensitive technologies, trade secrets, intellectual property and personally identifying information; exerting malign influence and exporting repression; and holding our critical infrastructure at risk to destructive or disruptive attacks,” said Assistant Attorney General Matthew G. Olsen on Tuesday at a Hoover Institution event in Washington.

Congress approved funding for the new cyber unit in response to the core findings in Deputy Attorney General Lisa O. Monaco’s Comprehensive Cyber Review in July 2022, and also approved the division’s other two units, the Counterterrorism Section and the Counterintelligence and Export Control Section.

The NatSec Cyber Section will complement and provide further assistance to the Computer Crimes and Intellectual Property Section. The organization is designed to “mirror” the structure of the FBI’s cyber division, Olsen said.

The department said it is countering nation-state threats with a “full range” of capabilities that include “the innovative use of legal tools beyond traditional criminal charges,” he added.

The formulation of the NatSec Cyber Section comes on the heels of the DOJ’s high-profile disruptions of nation-state criminals, including the takedown last month of the Russian government’s “foremost cyberespionage tool,” dubbed Snake, which had been in use for nearly two decades. The DOJ and the FBI in January seized the Hive ransomware infrastructure and shut down the ransomware-as-a-service group’s leak site and two servers located in Los Angeles.

Olsen said it’s no secret that the United States is a target of China, Russia, Iran and North Korea. China has compromised telecommunications firms and targeted journalists and dissidents to suppress the free flow of information, and Russia has bolstered its ability to compromise critical infrastructure and inflict maximum damage during a crisis, he said.

“Iran too continues to be an aggressive cyber actor, taking advantage of the asymmetric nature of cyberattacks. North Korea is turning to illicit cyber activities to steal the funds and technical knowledge it needs to further its military aspirations and weapons of mass destruction programs,” Olsen said.

Until now, the National Security Division has been leading the charge against these nations with “just a handful of dedicated cyber prosecutors and with a shoestring budget,” Olsen said. But the NatSec Cyber Section aims to provide prosecutors in the 94 U.S. attorney’s offices and 56 FBI field offices nationwide with a valuable resource, promoting collaboration and effectiveness in dealing with cybercrime and intellectual property theft cases.