The Best Way to Stop Ransomware Attacks: Be Proactive, Not Reactive

Whenever the Justice Department has confronted a new and sophisticated criminal threat, it has focused its resources on proactive rather than reactive investigations and reorganized itself accordingly. That’s how the department confronted organized crime in the 1960s, and terrorists after Sept. 11. And that is how the department should confront ransomware today.

Reactive investigations start with a known crime and try to find the culprit. Proactive investigations, by contrast, start with known or suspected criminals and seek proof of specific crimes they may have committed, as well as intelligence on the criminal apparatus that supports them, such as who supplies them with necessary tools and contraband, how they communicate and how they move their money.