May 19, 2017 by

The FBI’s Cyber Action Team is Investigating the WannaCry Ransomware

The sweeping global ransomware menace led by WannaCry and its many variants is being investigated by the FBI’s little-known Cyber Action Team (CAT).

Established by the FBI’s Cyber Division in 2006, the agency’s Cyber Action Team is a seldom-spoken-about rapid deployment group of cyber experts who specialize in immediate actions and response to a cybersecurity threat.

The team of cyber experts can be on location in anywhere in the world within 48 hours, the FBI revealed, to help support cyber-forensic investigations and provide critical answers to move cases forward. The team has approximately 50 members located in field offices around the country and are deployed to provide rapid incident response during major computer intrusions or other cybersecurity- or cyber-related emergencies.

CAT members include special agents and computer scientists, all of whom are trained in advance in computer languages, malware analysis and forensic investigations.

FBI Special Agent Chris Lamb from the Kansas City FBI Division, a CAT member since 2017 underlined the importance of rapid responses in cyber-cases.

Our goal is to provide information that can be actioned immediately. A lot of evidence in a cyber intrusion may only be there for a little while. The trail can get cold pretty quickly.

The FBI has investigated ‘hundreds’ of cyber crimes since the formation of the rapid deployment specialist team. Over 50 of those cases were significant enough to require the specialized skills and rapid response of the Cyber Action Team, according to the FBI.

In some cases, the team was deployed overseas to look into investigations involving U.S. interests abroad.

“Our job is to very quickly understand what the bad guy did and why,” added Lamb. “We make an initial assessment to determine what we know and what we don’t know. Based on that assessment, we then call in other experts to fill whatever gaps we need to have filled.”

In an age where the menace of ransomware and other cyberattacks are more pronounced than ever, it’s imperative that law enforcement agencies are well-equipped to investigate and fight such threats.

Image credit: Wikimedia.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

US Directly Blames North Korea for WannaCry Cyberattack

The White House under President Trump’s administration has blamed North Korea behind WannaCry -...

Read more arrow_forward

The UK’s NHS Toughens Cybersecurity Defenses after WannaCry Ransomware

The United Kingdom’s National Health Service (NHS) is set to spend £20 million on a new security...

Read more arrow_forward

UK Govt Blames North Korea for WannaCry Ransomware CyberAttack

  The UK government has blamed North Korea for WannaCry - the comprehensive ransomware...

Read more arrow_forward