Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

U.S. Attorney General Merrick Garland during a Senate committee hearing in May 2021. Photo: Alex Wong/Getty Images/Bloomberg via Getty Images

The Department of Justice is planning to coordinate its ransomware attack investigations with similar protocols it uses for terrorism cases, according to internal guidance sent to U.S. attorney’s offices reviewed by Reuters.

Why it matters: The new guidance comes in the wake of at least two significant ransomware attacks against major U.S. businesses in roughly a month and as the Biden administration attempts to devise ways to thwart future attacks.

Context: In May, a criminal group breached the Colonial Pipeline, the largest refined products pipeline network in the country.

  • The attack forced the pipeline to shutdown, halting fuel deliveries along the East Coast for days. The company paid the hacker group $4.4 million to regain access to its computers.
  • A Russia-linked ransomware group forced all of JBS SA's beef plants in the U.S. to temporarily shut down this week, exposing the vulnerability of the world's largest meat processor.

What they're saying: According to the guidance, all information garnered from field investigations into ransomware attacks must be shared with the department's ransomware task force, which was created in April.

  • “To ensure we can make necessary connections across national and global cases and investigations, and to allow us to develop a comprehensive picture of the national and economic security threats we face, we must enhance and centralize our internal tracking,” the guidance reads, according to Reuters.
  • “It’s a specialized process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain,” said John Carlin, acting deputy attorney general at the Justice Department, per Reuters.
  • “We’ve used this model around terrorism before but never with ransomware,” Carlin added.
  • The Justice Department's decision to use these protocols for ransomware attack investigations "illustrates how the issue is being prioritized," Reuters reported, citing U.S. officials.

Worth noting: "The tracking effort is expansive, covering not only the DOJ's pursuit of ransomware criminals themselves but also the cryptocurrency tools they use to receive payments, automated computer networks that spread ransomware and online marketplaces used to advertise or sell malicious software," CNN reported.

  • The Justice Department did not immediately respond to Axios' request for comment.

The big picture: The Biden administration recently urged businesses to take "immediate steps" to increase their ransomware defenses.

  • White House deputy national security adviser Anne Neuberger recommended that businesses enable multi-factor authentication for sensitive accounts, use endpoint detection and response tools, and encrypt and regularly back up their data.
  • She also called on businesses to separate corporate business functions and manufacturing/production operations to ensure certain networks can be isolated and continue to operate in the event of an attack.

Go deeper: Ransomware business achieves critical mass

Go deeper

White House urges businesses to step up ransomware defenses

President Biden speaking during an event at the White House on June 2. Photo: Alex Wong/Getty Images

The Biden administration is urging businesses to take "immediate steps" to increase their ransomware defenses in the wake of several high-profile cyberattacks, according to a White House memo obtained by Axios.

Why it matters: The U.S. government's former top cybersecurity official Chris Krebs has described ransomware as a "global pandemic" — a crime that is increasingly common, but highly disruptive.

Ransomware business achieves critical mass

Illustration: Aïda Amer/Axios

The Memorial Day weekend ransomware attack that left the world's largest meat processor hobbled also had CEOs around the globe asking, "Am I next?"

Why it matters: The attack on Brazil-based JBS came just weeks after a similar attack on Colonial Pipeline, the U.S.'s largest refined-fuel pipeline operator. Attacks that disrupt food and energy supplies are the kinds that rouse governments to strike back.

Jun 2, 2021 - Technology

Massachusetts Steamship Authority hit by ransomware attack

A Steamship Authority ferry approaches the Nantucket Terminal. Photo: Maddie Meyer via Getty Images

The largest ferry service to the islands of Martha's Vineyard and Nantucket has been targeted by a ransomware attack that is causing travel delays, the Massachusetts Steamship Authority announced Wednesday.

Why it matters: Ransomware has recently become a "global pandemic" thanks to the rise of a profitable industry around it, Axios' Scott Rosenberg writes. In May, a similar attack on Colonial Pipeline, the U.S.'s largest refined-fuel pipeline operator, sent the Southeast into crisis.