Sue Gordon, Former Principal Deputy Director for Office of the Director of National Intelligence and Matt Olsen, Uber Chief Trust and Security Officer and Former Director of National Counterterrorism Center, during a panel discussion at CNBC ‘s @ Work conference in San Francisco, CA on November 4, 2019.
Arun Nevader | CNBC
The Department of Justice announced on Tuesday a new unit within its National Security Division focused on pursuing cyber threats from nation-state and state-backed hackers, formalizing an increasingly significant part of the national security apparatus into the Justice Department’s hierarchy.
In a statement, Assistant Attorney General Matt Olsen said the new unit would allow the DOJ’s national security team to “to increase the scale and speed of disruption campaigns and prosecutions of nation-state threat actors, state-sponsored cybercriminals, associated money launderers, and other cyber-enabled threats to national security.”
The Department of Justice has aggressively pursued state-backed cyber actors, especially those in China or North Korea. Top national security officials outside the DOJ have also emphasized China as a top cybersecurity concern, including the United States’ top cybersecurity official.
The announcement made no mention of Chinese cyber efforts, which CISA director Jen Easterly described last week as an “epoch-defining threat.”
Concerns over corporate and industrial espionage have long been a concern for top government and corporate executives, especially as Chinese concerns seek to leapfrog ahead and develop equivalent technology, allegedly off the backs of U.S. innovation or research.
Last month, the Secretary of the Navy confirmed that the navy had been “impacted” by a China-backed hacking group which was seeking intelligence and data.
The release did emphasize the threat posed by Russian malware and ransomware groups, which researchers and practitioners characterize as potent but less coordinated and less strategic than incursions from China.
While Chinese hacking groups have “lived off the land,” gathering intelligence and data, Russian and North Korean groups often seek to extort their victims for profit, generating revenue for themselves or their governments.
Building cases against those groups can take years, and don’t always result in an arrest, given the far-flung nature of the hacking groups.
“NatSec Cyber will serve as an incubator, able to invest in the time-intensive and complex investigative work for early-stage cases,” Olsen said.