The US Department of Justice is elevating investigations of ransomware attacks to a similar priority as terrorism in the wake of the Colonial Pipeline hack and mounting damage caused by cybercriminals, a senior department official told Reuters.

Internal guidance sent on Thursday to US attorney’s offices across the country said information about ransomware investigations in the field should be centrally coordinated with a recently created task force in Washington. ”It’s a specialized process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain,” said John Carlin, the acting deputy attorney general at the Justice Department.

Last month, a cybercriminal group that the US authorities said operates from Russia, penetrated a pipeline operator on the US East Coast, locking its systems and demanding a ransom. The hack caused a shutdown lasting several days, led to a spike in gas prices, panic buying, and localized fuel shortages in the southeast.

Colonial Pipeline decided to pay the hackers who invaded their systems nearly $5 million to regain access, the company said.

”To ensure we can make necessary connections across national and global cases and investigations, and to allow us to develop a comprehensive picture of the national and economic security threats we face, we must enhance and centralize our internal tracking,” said the guidance seen by Reuters and previously unreported.

The Justice Department’s decision to push ransomware into this special process illustrates how the issue is being prioritized, US officials said. ”We’ve used this model around terrorism before but never with ransomware,” said Carlin. The process has typically been reserved for a shortlist of topics, including national security cases, legal experts said.

Also Read

: Explained: Why ransomware is so dangerous and hard to stop

In practice, it means that investigators in US attorney’s offices handling ransomware attacks will be expected to share both updated case details and active technical information with leaders in Washington.