On Ransomware, Cyber Command Should Take a Backseat

By Gavin Wilde

Over the past month, the Biden Administration has achieved some needed momentum in the fight against ransomware. As attention to ransomware grows, however, policymakers must avoid the temptation to overmilitarize the U.S. response. Investment in anti-ransomware operations at the Department of Defense’s Cyber Command should be balanced with investment that develops the capabilities of other federal law enforcement agencies, which have already carried out vital anti-ransomware activities.

U.S. law enforcement agencies—in collaboration with European partners—were at the forefront of recent operations to expose and apprehend hackers and their facilitators, infiltrate and disrupt their networks, and seize some of their pilfered gains. These efforts were accompanied by sanctions targeting the illicit digital currency exchanges used for ransom payments, bounties on ransomware affiliates, and a diplomatic press for an international coalition to “meaningfully reduce safe havens” for offenders. Not long thereafter, citing “pressure” from unspecified authorities, the ransomware outfit BlackMatter—which U.S. law enforcement agencies had announced as a high-priority target—called it quits (at least for now). Russia’s recent detention of a fugitive credit card scammer even offered the faintest glimmer of hope that talks with Moscow on cybercrime might somehow bear fruit.

This piece was originally published in Just Security on November 30, 2021.