In a significant shift in U.S. cyber policy, the government is now focusing on ransomware gangs and online fraud rings as major global criminal organizations, rather than viewing them as simply isolated individual threats. According to Cynthia Kaiser, the former Deputy Cyber Director at the FBI and now serving as the Senior Vice President of the Ransomware Research Center at Halcyon, this new strategy is intended to enhance resource allocation and coordination among various governmental and regulatory agencies. This approach not only recognizes the interconnected nature of these criminal enterprises but also aims to implement a more cohesive and effective policy framework to address them.

Under a recently unveiled policy, the White House is taking a comprehensive stance against cybercrime by seeking to disrupt not just the perpetrators themselves but the very foundations of their operations. This includes targeting the financial networks that support these criminals, the infrastructure they utilize, and the leadership structures that enable large-scale cybercrime campaigns. Kaiser emphasizes that the policy also encompasses addressing money laundering operations, which are crucial for the survival and expansion of criminal enterprises. By pressing against these key components, the U.S. intends to dismantle the support systems that allow cybercrime to flourish.

Kaiser articulates a poignant observation regarding criminal behavior, indicating that mere laws are rarely sufficient to deter criminal activity. “To me, it’s less effective criminal activity, and by that, I mean I don’t think there’s been a criminal law that was passed and then the criminals said, ‘Oh, I’m not going to do that crime anymore,’” Kaiser states. Instead, she believes that the goal should be to make these criminal activities less effective over time, thus hindering their ability to operate at scale.

In a recent video interview with the Information Security Media Group, Kaiser discussed a range of critical topics addressing the evolving landscape of cybercrime enforcement. Important points included the rationale behind the new U.S. cyber strategy, which now treats ransomware groups as transnational crime networks that operate under a complex, shared ecosystem. This change is fundamental as it allows for more sophisticated approaches to combating these multifaceted threats.

Moreover, Kaiser explained how the new focus on infrastructure, money laundering, and shared services is pivotal for disrupting cybercrime ecosystems. By targeting these areas, the strategy aims to create a domino effect that will dismantle the larger networks that support these activities, thereby decreasing their overall efficacy.

The role of sanctions and international cooperation was also emphasized by Kaiser. She noted that cross-border collaboration—together with robust cryptocurrency tracing—would serve as formidable tools in the enforcement arsenal against cybercrime. Given that cybercriminals often operate across multiple jurisdictions, international cooperation is essential for effective intervention.

Kaiser’s extensive background serves as a foundation for her insights; she has over two decades of experience in cyber and national security. Having held significant positions, including serving as a Presidential Daily Brief (PDB) intelligence briefer across two administrations, she has a deep understanding of the threats facing government, critical infrastructure, and private enterprises alike. Her credentials are further underscored by her involvement with the Cyber Safety Review Board and various critical infrastructure security groups, making her perspectives on cyber policy particularly noteworthy in light of current threats.

As cybercrime continues to evolve in complexity and threat level, the interplay between law enforcement strategies and technological advancements will be crucial for safeguarding not just national security but also public trust. The new U.S. policy represents a proactive and holistic approach aimed at progressively dismantling the structural foundations that allow cybercriminals to thrive.