Division Focuses on Combating Cyberthreats
June 1, 2018
The U.S. Justice Department's National Security Division, created in
response to the September 11, 2001, terror attacks, is increasingly
focused on an emergent menace: cyberthreats posed by foreign countries,
from Russia to China, the division head said Thursday.
"In the past years, [the division's mission] has come increasingly to
include a focus on cyber as part of the threat posed by certain foreign
nations," said John Demers, assistant attorney general for national
security, citing the prosecution in recent years of hackers acting on
behalf of China, Russia, Iran and the Islamic State terror group.
Over the past two years, U.S. law enforcement and intelligence officials
have been sounding alarm bells about cyberthreats presented by a variety
of foreign actors, from Russian government efforts to disrupt U.S.
elections to Chinese companies trying to steal U.S. trade secrets.
In a report released in February, the Office of the Director of National
Intelligence said the worldwide cyberthreat was on the rise.
"The potential for surprise in the cyber realm will increase in the next
year and beyond as billions more digital devices are connected — with
relatively little built-in security — and both nation states and malign
actors become more emboldened and better equipped in the use of
increasingly widespread cyber toolkits," the report said. "The risk is
growing that some adversaries will conduct cyberattacks — such as data
deletion or localized and temporary disruptions of critical
infrastructure — against the United States in a crisis short of war."
The National Security Division, one of the Justice Department's seven
key units, was created in 2006 as part of the reauthorization of the
Patriot Act, a controversial law that Congress passed in response to
terror threats in the weeks after 9/11.
Speaking at a cyberthreat intelligence forum in Washington, Demers
warned that foreign state and nonstate actors continued to pose a threat
to U.S. national security.
"You know that there are countries in this world that want what we
have," Demers said. "They want our sensitive information, our
technology, our intellectual property. And they want to destroy any
competitive advantage we enjoy."
In his speech, Demers did not address the Russian threat to U.S.
elections but said U.S. law enforcement agencies take every cyberthreat
seriously, regardless of its nature or source.
"You don't have to be a defense contractor to be worried about this," he
said. "Recently, we prosecuted cases involving the thefts of grains of
rice and kernels of corn. No one is immune."
Last month, a Chinese scientist was sentenced to 121 months in prison
for conspiring to steal samples of rice seeds from a biopharmaceutical
research facility in Kansas. In 2016, an employee of a Chinese
conglomerate was sentenced to 36 months in prison for conspiracy to
steal inbred corn seeds protected as trade secrets by DuPont Pioneer and
But not every Justice Department cyberdisruption involves prosecution,
week, the agency announced it had obtained a court order to disrupt a
global botnet that had infected hundreds of thousands of home and office
router devices around the world.
The botnet, known as VPNfilter, was controlled by a hacker group known
as Sofacy Group. It gave the cybercriminals the ability to collect
users' information, exploit their devices and block network traffic.
The FBI later issued a public service announcement about VPNFilter,
urging internet users to reboot their routers.
Demers said the Justice Department worked closely with the private
sector and other government agencies to disrupt the operation.
"The department could not have begun to neutralize this threat alone,"