The FBI and other federal agencies are increasingly looking to counter cyber threats through tools other than criminal indictments, the head of the bureau’s cyber division said in an interview with The Associated Press. Arrests and indictments of foreign cybercriminals are still appropriate in certain circumstances and something the FBI pursues “every day of the week,” said Assistant Director Bryan Vorndran. But as federal agencies look to have the most disruptive impact possible on cyber crime, FBI officials are thinking carefully about how best to time an indictment, or whether an indictment is even the best action. “We’re just much more mature in the space of working with our interagency partners, and really keeping an eye down the road in terms of how we have the biggest impact,” Vorndran said. The FBI, he said, is now “very open to being told” that when it comes to an adversary, ”‘You know what, as a team member, it may not be the right time to deploy an indictment, but it very much may be the right time to deploy’” an action from U.S. Cyber Command. The evolution reflects the fact that multiple government agencies share responsibility for, and have unique roles in, countering a cyber threat that has only deepened over the last decade. The Justice Department has long regarded indictments of foreign hackers as a way to “name-and-shame” them and deter the hostile governments that employ them. Other government agencies, though, are bringing their own powers to the table that may take may precedence over the use of criminal charges or been seen as imposing greater costs or deterrence. Cyber Command, an arm of the Defense Department established in 2010, has grown aggressive in its pursuit of hackers, conducting more than two dozen operations intended to thwart interference in the 2020 presidential election and more recently against ransomware gangs. The White House has shared information about Russian hackers with the Kremlin for it to take action on its own. Last week, Russia’s Federal Security Service, or FSB, announced the detention of members of the REvil ransomware gang. The FBI itself has used actions other than indictments. In June, it recovered the majority of a roughly $4.4 million ransom that Colonial Pipeline paid to hackers responsible for a ransomware attack that caused gas shortages for days. It secured a court warrant in April that gave it remote access to hundreds of computers to counter a massive hack of Microsoft Exchange email server software. Vorndran spoke to the AP after participating last week in a Silverado Policy Accelerator discussion in which he said the FBI was moving away from “an indictment and arrest first model, and to the totality of imposing costs on our adversaries.” “That probably is a simple way of saying we’re really trying to work with everybody, public and private sector partners, to understand the totality of the capabilities and the authorities that exist … so that we have the biggest impact at the moment in matters,” he said in the interview. Indictments, a bread-and-butter tactic of law enforcement, can lock accused hackers inside their home countries and put adversaries on notice that their actions have been detected. But their practical impact is often limited since there’s generally minimal chance of a defendant being brought to the U.S. for trial. […]

The post FBI, US Agencies Look Beyond Indictments In Cybercrime Fight appeared first on The Yeshiva World.