A senior Department of Justice (DOJ) officer explained in a cybersecurity event the Department’s recent tendency to accuse members of foreign units of cyberespionage, something that no other country has done so far, except for the United States.
The comments of the Department of Justice official were followed by recent criticisms of the US justice system for their actions, as reported by specialists in digital forensics from the International Institute of Cyber Security.
So far, members of government-supported hacking groups have been considered out-of-bounds in terms of criminal prosecution, and have been given the same protections as intelligence officers and military combatants. Many legal experts argued that these hackers had committed no crime because they simply acted on orders received from superiors running intelligence operations.
However, in the most recent years, the United States have decided to break with this unwritten rule among nations with advanced cybersecurity capabilities.
The first indictment occurred in 2014, when the United States accused five Chinese hackers, members of Unit 61398 of the third Department of the People’s Liberation Army of China (PLA) for attacks on a number of US government agencies and private companies.
The United States then accused three other hackers in the Asian country in 2017, alleging that they attacked US companies on behalf of the Chinese state under the guise of Boyusec, a Chinese digital forensics company.
More recently, in March 2018, the United States accused nine Iranian hackers employed by the Mabna Institute. The DOJ held that the nine hackers carried out their activities on behalf of the body of Iran’s Islamic Revolutionary Guard. The following indictment came in July 2018, when the US accused 12 Russian hackers of the attacks on the Democratic Party.
The policies of the DOJ have attracted criticism from many sectors, now the institution has decided to respond.
“There are some who question the US government’s approach to dealing with hackers sponsored by other governments, often because many arrests have not been made”, said Adam Hickey, Deputy General Attorney of the DOJ National Security Division.
“It is easy to forget that, until recently, such charges had not been heard, because for a long time this was considered only a problem of intelligence, without considering the disruption and deterrence, which are our objectives in dealing with terrorism, espionage and other threats of national security”.
“But imagine a world in which there are no criminal charges, no formal accusations against these activities. It would be the work of the private sector only to accuse the culprits; what message does this send to foreign hackers?
The official argues that these accused hackers have taken intelligence activities to a criminal field.
According to specialists in digital forensics, the purpose of the US is for other countries to take similar measures against the criminal computer activities that governments have disguised as intelligence activities.
Working as a cyber security solutions architect, Alisa focuses on bug bounty and network security. Before joining us she held a cyber security researcher positions within a variety of cyber security start-ups. She also experience in different industry domains like finance, healthcare and consumer products.