The US Military Has Taken Action Against Ransomware Groups and 'Imposed Costs'

"The U.S. military has gone on the offensive against ransomware groups," reports CNET, "as U.S. companies increasingly become targets of malware attacks, the nation's top cyber defender acknowledged on Saturday." Up until about nine months ago, reining in ransomware attacks was seen as the responsibility of law enforcement agencies, Gen. Paul M. Nakasone, the head of U.S. Cyber Command and director of the National Security Agency, told the New York Times. But attacks like the ones on Colonial Pipeline and JBS beef plants have been "impacting our critical infrastructure," Nakasone said, leading federal agencies to ramp up the gathering and sharing of intelligence on ransomware groups....

Nakasone didn't describe the action taken or identify the groups targeted, but said one of the goals is to "impose costs" for ransomware groups. "Before, during and since, with a number of elements of our government, we have taken actions and we have imposed costs," Nakasone said. "That's an important piece that we should always be mindful of."

Re:

[Tokolosh]

Thank the US Military. You no longer need to take off your shoes and belt for a nudie scan. The Partriot Act has been repealed. There is peace and stability in Afghanistan, Iraq and the rest of the Middle East. Easily worth the lives and cost. The most efficient and cost-effective way to conduct diplomacy.

BTW, what happened to Posse Comitatus Act?

Re:

[fustakrakich]

BTW, what happened to Posse Comitatus Act?

Nothing, why do you ask?

Re: Like terrorism from Afghanistan

[BKX]

Well, except for the two biggest wars ever. You could argue that the USA didn't have all that much to do with the victory in World War I, but World War II was definitively an American victory. Since then it hasn't been all victories, but it hasn't been all losses either. The US won in Iraq, even if the rebuilding effort that came after was lackluster, for instance. Korea was a draw, not a loss, as well. Get your history right next time. You can make the argument that the USA isn't all-powerful without completely being full of shit.

Furthermore, any argument that these victories don't count because the US didn't start them or because they had allies is bullshit with catpiss on top. However the US got into those conflicts and whoever they fight along side, it was the US that unequivocally won them.

Re:

[Snarky McButtface]

WWII was a Soviet victory. The Soviets lost over 20 million people in the war because they put victory above all else.The military deaths were 8.7 million people. We haven't lost that many people in all the wars we've fought. Long before we landed on the beaches of Normandy, the Soviets were on their way to Berlin.

Re:

[Snarky McButtface]

I understand your reply to the comment that was nonsense but the Russians did the heavy lifting during WWII.

Re:

[flyingfsck]

The soviets destroyed the German 6th and 8th armies at Stalingrad - and much more. They are *still* digging up 10,000 skeletons a year during reclamation work in the fields around the city. BTW, the problem with Afghanistan is mainly due to Pakistan. The people who used to live in Afghanistan have long gone. The assholes who are there now, are from northern Pakistan.

Re: Like terrorism from Afghanistan

[Whateverthisis]

That's nonsense. It's a re-write of history that's been ongoing for some time.

Just because the Soviets lost a ton of people didn't mean they won the war. Men win wars, but those men need food, bullets, and equipment that requires raw material. That was primarily provided by the US and the UK. The Soviet juggernaut would not have existed without the US and the UK fueling it's industries and keeping them fed. Approximately 53% of all ordnance the Soviet Union used was provided by the US. All this was done on loan, at a 90% discount, and then basically the loan was just forgiven when no one expected the Soviets to pay it back.

Joseph Stalin, 1943, Tehran Conference - "Without American machines the United Nations could not have won the war."

Nikita Kruschev in his memoirs - "First, I would like to tell about some remarks Stalin made and repeated several times when we were "discussing freely" among ourselves. He stated bluntly that if the United States had not helped us, we would not have won the war. If we had had to fight Nazi Germany one on one, we could not have stood up against Germany's pressure, and we would have lost the war."

Everyone likes to say that "the Americans came late" and "everyone else did the fighting". Lend-Lease kept the Allies in the war long before the US joined as a combatant.

Re:

[rbrander]

>Just because the Soviets lost a ton of people didn't mean they won the war.

88% of German soldiers who died in WW2 died at Russian hands.

THAT means they won the war.

Re:

[rbrander]

Ooops. I recycled your "war" word. It means they won the war in Europe. Everybody is happy to acknowledge that VJ day is an American victory.

Re:

[Whateverthisis]

Yes. Russians driving in on T-34s made with US steel, on trucks made with Ford engines and Ford tires, fed by American food. The entirety of supplies used to support American forces from 1942 to 1945 was 22 million tons, and the US supplied approximately 17.5 million tons to Soviet forces.

You're talking about the end of the war. The Russians wouldn't have been in the position they're in without American supplies.

Re:

[flyingfsck]

There is a war memorial not far from me with 7000 soviet boys - all 20 to 24 years old - who liberated this city in Central Europe. There are certainly no American soldiers here. The German soldiers are stuck in little boxes in warehouses, or unmarked mass graves next to the roads - nobody wants them, not even Germany.

Re: Like terrorism from Afghanistan

[AmiMoJo]

Calling Iraq a win is a bit of a stretch. Remember that we went in because of WMD, and then it turned out there weren't any. So right off the bat there was no legal justification for the war, and the primary objective proved impossible to complete.

Overall, has the war made things better or worse for the majority of people living in Iraq? The answer is worse, it's destabilized the region and now there are a lot of groups fighting who were previously kept in check by the military. Religious groups are openly oppressing people, and terrorists find sanctuary there.

Re:

[mcswell]

You're saying life in Iraq was a picnic under Saddam Hussein? I think a lot of Kurds alive today would disagree, and probably a lot of other Shi'a Muslims would disagree too. And whether the US invasion was legally (under whose laws?) justified is irrelevant to who won it.

Re:

[EEPROMS]

accept WWII was in part sold to the people as a means to stop the spread of authoritarian rule in Europe, one small problem, more of Europe was under authoritarian rule after 1945 than before the war started.

Re:

[flyingfsck]

WW2 in Europe was Krauts against Slavs and the Slavs won. Whoever wins a war, gets to write the history and in Europe, the Yankees really didn't do much, so sorry, you don't get to write anything.

Puppet show.

[Narcocide]

I've said it before and I'll say it again, but until my entire family is in jail there's no proof they're doing shit other than wasting money staging fights with themselves.

Re: Puppet show.

[klipclop]

Not only that, but there should be "costs" for middle and upper management of the institutions who fail to lock down their IT environment. If you are stupid enough to leave your door wide open, someone is eventually take you up on the offer to rob you blind.

Re: Puppet show.

[sjames]

True, but they and they alone have committed a crime.

What, no iron bars on your car window?

Re:

[Whateverthisis]

There are costs for upper and middle management. Not criminal, but the government has no place to criminalizing what is an internal dispute in a company. So it's up to the company, but basically negligence allowing for fraud is a violation of the fiduciary responsibility of the executive management to the shareholders. Most of this is mitigated with General Liability Insurance riders around cyber security, but the loss of credibility, which is the only thing you really have as an executive, can make your

Re:

[phantomfive]

Yeah, but imagine if we could get countries occupied with cyber-warfare instead of traditional warfare. Leaders seem to have a need to fight in some way or another, and distracting them with cyberwarfare could prevent another Vietnam.

Re:

[phantomfive]

Indeed, cyber-warfare can cause problems for people. But it won't put a bullet through your head.

Re:

[fustakrakich]

But it won't put a bullet through your head.

Patience... [theguardian.com]

Re:

[phantomfive]

Swatting doesn't exist then? Many bullets have been put through peoples' heads due to that.

How many? How many people have been killed because of a prank 911 call that was answered by a swat team?

Re:

[Snarky McButtface]

Wikipedia lists three deaths in the United States from 2015 to present. That is a 1/2 a person a year for six years. Shark attacks kill the same amount of people. That is how serious the situation is.

Re:

[Bert64]

Why bother with backups? Let the hackers back up your data and host it for you then you can download it again whenever you want through tor just like everyone else.

Re:

[Local ID10T]

I've said it before and I'll say it again, but until my entire family is in jail there's no proof they're doing shit other than wasting money staging fights with themselves.

You are small change with an inflated sense of your own worth.

If you were big time you would be watching for drones in the sky, not complaining that your whole family hasn't been jailed yet.

Realistically tho, the danger is more likely to be an "accident" or "mugging gone wrong" than anything as overt as a drone strike.

US has captured the mastermind

[olsmeister]

The US has conducted an operation to capture the mastermind of the ransomware group, and is demanding $20M in Bitcoin to release him.

There is only one acceptable cost

[quonset]

Execution. Find them. Hunt them down and execute them on the spot.

Guaranteed they will never try another ransomware attack again.

Re:

[KiloByte]

Russia might object to executing criminals on their soil, especially those paid by the government.

Re:

[Shag]

Yeah, Russia is very particular about how people die. Needs to be an accident, or suicide. Falling from many floors up is popular.

Re:

[quonset]

Yeah, Russia is very particular about how people die. Needs to be an accident, or suicide. Falling from many floors up is popular.

I hear drinking tea is an option.

Re:

[jabuzz]

I thought Russia preferred Polonium-210 or Novichok

https://en.wikipedia.org/wiki/... [wikipedia.org]
https://en.wikipedia.org/wiki/... [wikipedia.org]

Re:

[phantomfive]

Because execution has prevented so many other types of crime.

Re:

[quonset]

Because execution has prevented so many other types of crime.

If you're dead, you can't commit any more crimes. So yes, execution has prevented many other types of crime.

Re:

[phantomfive]

Giuliani didn't stop crime. There was still crime while he was mayor.

Re:

[Antique Geekmeister]

May I suggest you look up the "Innocence Project", which helps correct the convictions of innocent people unjustly convicted? "Execute them on the spot" carries enormous risks, especially because it would violate various international treaties to kill guilty people without extradition or trial.

Re:

[VeryFluffyBunny]

Maybe you should tell the US personnel working in the many 'black sites' around the world, torturing people to death. Also the US drone operators dropping bombs on wedding celebrations. Yeah, it's illegal, everyone at Langely, the Pentagon, & the Whitehouse know it, but none of them seems to want to call it that way.

Re:

[Antique Geekmeister]

I agree that those are horrible and illegal, and that they sometimes hit innocent people. The risk is increased when guerrillas reside among the non-combatant population, though it's not surprising when they are confronted with overwhelming levels of air support.

Re:

[VeryFluffyBunny]

they sometimes hit innocent people

Sometimes?

guerrillas reside among the non-combatant population

The guerrillas, more commonly known as insurgents, were the non-combatant population before their family members were kidnapped, tortured to death &/or blown up by bombs. They also tend to get recruited by drug barons, war lords & other kinds of organised crime just to help protect & feed their families. When the USA invaded Afghanistan & installed Hamid Karzai as president, opium production increased from 185 tons in 2000 to 3,400 tons by 2002. That's more than a 1,700% increase i

I am against this on principle...

[sinij]

... but if they drone strike the group that ransomwared hospital early in the pandemic, I might forget to object.

Re:

[AmiMoJo]

There military is the wrong tool. All it will do is escalate things.

Defence is the best solution. Don't get hacked in the first place. Spend that tax money on finding and fixing vulnerabilities, and helping companies secure their networks.

Re:I am against this on principle...

[hdyoung]

Oh hell no. Absoutely nope. Offense nearly always wins over defense. Defense has to work all the time, every time, while offense only has to work once. Plus, offense usually has the advantage of surprise. The reasons go on and on.

Defense has an important role to play, totally true. But without the ability to hit back, youre basically a lump of passive flesh with a target that says “kick me” on your back. I live in the US why do you think we have all those missles? Defense lol yeah right.

Attack-back responses to cyber are inevitable.

Re:

[AmiMoJo]

Offense rarely works when it's the military against a civilian group. We have seen that time and time again, and unlike most conflicts in this case the civilians have access to the same weapons that the military does, perhaps even better ones since they don't care about things like collateral damage.

How do you imagine this playing out? One of these ransomware groups hits a hospital in the US. The military does what, attacks a hospital in Russia in retaliation? The hackers won't care but Russia will probably

Re:

[hdyoung]

This situation is a bit like organized piracy, which we (and many other countries) respond to with various degrees of physical, organized force. These ransomeware groups used to be careful, but now they're getting pretty indiscriminate about hitting hospitals, pipelines, and government agencies. While I wouldn't be too unhappy about a drone strike in response to something like this, cyber'ing their critical infrastructure would probably be a more appropriate response. I'm 99.999% sure that we shut down the

Re:

[LostMyAccount]

I would guess direct action against ransomware groups would be somewhat easier and less difficult than some random group of rebels.

The ransomware folks have a pretty complex set of logistical systems that need to be working. The guerillas who live out of some rough camp in the mountains do not.

There's probably a few places in the ransomware logistical chain which are vulnerable and would set them back a lot. I'd wager there's some dependency on crooked data centers or network operators, that if damaged, w

Re:

[bloodhawk]

Never acceptable to have the military intervening unless it is in response to a foreign state instigated event. It is a very slippery slope, before long it will be the military turning up to impose costs because you forgot to pay your taxes.

Re:

[VeryFluffyBunny]

Ha ha! You even used slippery slope in your argument. I somehow doubt you've ever won any debating contests.

Re:

[shilly]

1. I'm pretty sure their focus will be on groups supported by foreign states.
2. Conceptually, I don't see why the military ought to be limited to actions against foreign states and not other foreign bad actors. And in practice this is obviously not the case.

Re:

[mcswell]

There is this thing called the US Coast Guard, and there are these people called drug runners, who are not government people.

Re:

[JustAnotherOldGuy]

You seem triggered....did you forget to take your horse paste this morning?

Re:

[gtall]

Errr, the Get-Out-of-Afghanistan plan was brokered by Dear Leader. In fact, he had the U.S. leaving by April or May. It was Biden who got stuck with a hot potato. He didn't do a great job of it, but then he didn't create the hot potato.

What's this bullshit about being WOKE? You mean not running homosexuals out of the military is somehow woke? Whatever happened to the right wing-nut's concept of individual liberty or is that only for nice white people who agree with you?

The rest of your screed is simply mind

can they take 51% of bitcoin mining & control

[Joe_Dragon]

can they take 51% of bitcoin mining & control it?

Kill 'em all! Let God sort them out!

[Hey_Jude_Jesus]

Just sayin... !!!!

If they're domestic ransomware groups

[the_skywise]

This action is unconstitutional.

In Soviet Russia...

[davidwr]

... domestic ransomware groups encrypt YOU!

Tell me more

[raymorris]

Which clause of the Constitution is violated?
How so?

What I'm really confused about is the first few words of your post. You don't even know what country something happened in, and apparently have no idea whatsoever what happened, yet whatever happened must have been unconstitutional?

Sixth amendment

[Okian Warrior]

Which clause of the Constitution is violated?
How so?

What I'm really confused about is the first few words of your post. You don't even know what country something happened in, and apparently have no idea whatsoever what happened, yet whatever happened must have been unconstitutional?

He's probably confusing the posse comitatus act [wikipedia.org] with the US constitution, which prohibits using the armed forces to enforce civil law (absent authorization from congress).

Constitutionally, the armed forces are directed by the executive branch, and attacking domestic citizens is equivalent to imposing a sentence without trial, which would be a violation of the 6th amendment.

This came up a few years back when Obama ordered drone strikes on 2 US citizens [wikipedia.org] who were not in the theater of war. That the executive branch can order citizens killed was not in question, but the action was done without first having a trial.

So yes, it would be an unconstitutional action if the armed forces "got back" at ransomware groups if they were US citizens and those citizens were on US soil.

When US citizens are not on US soil, apparently it's OK.

Re:

[JustAnotherOldGuy]

He's probably confusing the posse comitatus act [wikipedia.org]

I always thought that was the "Posse Come To My House" Act, have I been misreading it all these years? I thought it was some kind of group-invite thing.

Re:

[bill_mcgonigle]

> "Posse Come To My House" Act, have I been misreading it all these years?

You're confusing this with Tinder, which is one phoneme off.

Re:

[raymorris]

> He's probably confusing the posse comitatus act with the US constitution, which prohibits using the armed forces to enforce civil law (absent authorization from congress).

Perhaps. Funny thing - the posse comitatus specifically applies only to the Army and Air Force, not ht Navy, Marines, Coast Guard, or Space Force. However, the secretary of defense issued a directive saying they should not be used for domestic law enforcement except as authorized.

Referring to the posse comitatus act assumes that an a

Anwar al-Awlaki was tried and convicted

[raymorris]

I'm not arguing that how the situation with Anwar was handled is fine. I think it may be useful to be careful about stating the facts correctly, however. Only by be careful with the facts can we say exactly WHY it was wrong.

> That the executive branch can order citizens killed was not in question, but the action was done without first having a trial.

It may be worth noting that Anwar al-Awlaki was tried and convicted, in Yemen by the Yemeni government, before being killed in Yemen.

The judge ruled that he

I'm shocked

[buss_error]

I'm shocked that someone talked about this on the record. For years I've heard slight hints that black operations were being carried out by intelligence. Nothing out and out said, but some of the more irritating hackers just ... were never heard from again.

Re:

[Anonymous Coward]

It's public because it's a warning. We won't just go after some of the money and complain to your government, we'll kill you.

Re:

[byromaniac]

I'm shocked that someone talked about this on the record.

Deterrence doesn't work if no one knows about it. To quote Dr. Strangelove - "Of course, the whole point of a Doomsday Machine is lost, if you *keep* it a *secret*! Why didn't you tell the world, EH?"

Re:

[bill_mcgonigle]

This. Also Congress is "supposed to" have oversight.

And, no, not 2% of Congress.

Goodbye ransomware, hello outright deletion

[davidwr]

Your next state-sponsored attack's README.TXT file: "Dear victim, you would have been instructed to send $1000 ransom in cryptocurrency, but your government would track us down and 'impose a cost'. So we are making it simple for everyone: You don't have to pay a ransom. In fact, you don't even get to pay it. Your data has already been deleted. If you want the opportunity to pay a ransom the next time, tell your government to back off. Have a nice day."

The idea is that since the bad guys don't need you

Re:

[AleRunner]

Excellent. This would be a result for the military. A) the companies that are setting up insecure systems would either learn or go bust and B) there would be less funding flowing in the direction of the people doing this.

Re:

[shilly]

Now game out the scenario in which the US military does *not* seek to impose costs.

Our military shouldn't be acting against civilians

[rsilvergun]

There is so many reasons for that it's hard to know where to begin. And if there's State actors that's fine but then our military should be announcing that they took action. We have a CIA for a reason.

Care to share one or two?

[raymorris]

> Our military shouldn't be acting against civilians
> There is so many reasons for that

Care to share one or two of those reasons?

You've got a criminal operation in let's say Beijing, or Moscow. They spend their day attacking US hospitals and smaller cities, taking out the systems used by the local fire department, ambulances, etc. The ONI knows where they are. Why SHOULDN'T Cyber Command wipe their hard drives?

Re:

[DNS-and-BIND]

Because leftists like you hate the military and oppose anything it does? They're baby murderers, remember? Now you love murdering babies? What makes you think their targeting is any more accurate than the time they killed civilians that one time?

Re:

[raymorris]

Remember when Ben Shapiro couldn't think of any good answers to Andrew Neil's question, so he called *Andrew Neil* a leftist, then later apologized, calling that statement "idiotic"?

Yeah, that's what you just did.

* For those unfamiliar, Andrew Neil ran Rupert Murdoch's 'Sunday Times'. He later launched GB News, which is an UK analog to Fox News.

Re:

[DNS-and-BIND]

WTF does Ben Shapiro have to do with the US military being regarded as baby-killing murderers? This is such a solid left-wing idea that I don't think I even need to cite sources. It's like saying right wingers love the military. Now the left is baying for blood and calling for attacks on other countries? WTF? How did this reversal happen? It's straight out of George Orwell's "We have always been at war with Eurasia".

Re:

[raymorris]

You called *me* a leftist. You said "leftists like you hate the military".

Which is kinda like calling Reagan a leftist.

Shapiro admitted it was idiotic when he did that. Are you as much of a man as Ben is?

Re:

[DNS-and-BIND]

OK what do we call warmongers like you these days? I'll be careful to use the correct term in the future. The left is the one baying for blood and to start a war with Russia and China. Remember when the warmongering Democrats saw Russia as clear threat to their psycho plan to rule the world? And they prevented rapprochement even though it was clearly in our interest?

Re: Care to share one or two?

[raymorris]

> Because leftists like *you hate the military* and oppose anything it does?

> OK what do we call *warmongers* like you these days?

I'm worried you may be having a stroke. PLEASE see a doctor right away. Time lost is brain lost.

Re:

[DNS-and-BIND]

Now I'm curious. What is your political persuasion other than "I want to start wars"? You mean hand it over to the same generals who had 20 years to defeat a bunch of goat fuckers with AKs and still couldn't get the job done? $2 trillion dollars and for what? We could have bought so many nice things for ourselves with that money. Free college, debt forgiveness for all Americans, a border wall 100 feet tall and a pony. Instead we have nothing but dead Americans to show for it.

Re: Care to share one or two?

[raymorris]

What do you mean I want to start wars? You just said that I hate the military and everything they do. You seem a little confused.

Re:

[DNS-and-BIND]

I have accepted your correction. You know, because you said so. I'd really like to know the politics of the pro war crowd. Because you people are really hard to find IRL.

Re: Care to share one or two?

[raymorris]

After all that, is this what you were trying to say?:

Because when someone attacks you and you erase their hard drive, you started a war.

That would have a response to my question.

Re:

[shilly]

It wouldn't be a first strike. The Russian military and the PLA routinely strike against the US today, and it's wildly naive not to recognise that.

https://en.wikipedia.org/wiki/... [wikipedia.org]

Re:

[leonbev]

You have to wonder if the various Russian Cryptolocker gangs are taking orders from the FSB or they acting independently.

If they are taking orders from the FSB, I'd be OK with the gang members cars "mysteriously" exploding while driving home from work.... repeatedly if necessary.

Re:

[hawk]

>repeatedly if necessary.

I dunno.

It's *really* difficult to make the same person explode even twice, let alone repeatedly.

Re:

[gtall]

Al Qaeda was a state actor?

Making examples

[RightwingNutjob]

Easy to string someone up in the town square. Even the Taliban can do that with no cash and barely literate muscle.

If the guy doing the ransoming is an anonymous coward behind a bitcoin wallet on some other side of the planet, any costs you impose on him from afar are very much an abstraction to anyone you may want to deter, in a way that a body swinging in the breeze isn't.

Law enforcement in the west is at least a public and transparent process. Both to protect the rights of the accused and to deter would-

"imposed costs".. yes, be very mindful

[fustakrakich]

Secrecy is is high price to pay. Is it too high? We should know what is being done if we want to stay out of the crossfire.

Military Bitcoin mining

[VeryFluffyBunny]

Sounds like Gen. Paul M. Nakasone of the NSA is infecting ransomware servers with malware to turn them into Bitcoin miners. That'd "impose a cost" on them by burning up their electricity. Sounds like Gen. Paul M. Nakasone of the NSA might be in business for himself to boost his retirement pension.

That or they're just remotely doing some damage to ransomware gangs infrastructure.

The USA has the most to lose in a cyberwar

[rapjr]

We should be defending ourselves, however striking back carries big risks if it infuriates our adversaries and they decide to use blunter measures (i.e., brick computers instead of encrypting their drives, grid shutdowns, chemical plant explosions, traffic network failures, nuclear reactor shutdowns, databases exposed, town databases made public, hospitals shutdown, medical records made public, dating sites data made public, and more.) Some of this has already happened and some of it may have been in respo

Re:

[ChrisPa]

Draw that logic to the historical wild west -- ocean trade.

Striking back at privateers/pirates could risk infuriating them and drawing extra attacks.

But mostly it just redirected criminal effort to easier targets. Afterall, most actors aren't doing it because they want a war now. Rather, the common mitivations are doing it to probe weakness, to introduce instability, or to get money; strong counterattacks can effectively discourage such actors

Imposed Costs

[big-giant-head]

It's Called a Hellfile R9x Variant (Also known as the Flying Ginsu). Basically instead of an explosive war head that could kill innocent civilians it has several whirling surgical steel blades that reduce the target to fine hamburger. So smug ransom wear thug is riding along ... the next thing you know he's Hamburger Helper without the Helper. Thats one of the imposed costs. These guys are terrorists, it time we started treating them like it (Morning wake up/ dirt nap call from a SEAL team anyon

You know what would make us safer?

[BardBollocks]

secure computing.

not backdoors and hoarded vulnerabilities so that TURBULENT and TURMOIL can be used to hunt whistleblowers, journalists, lawyers, politicians and activists.

Imposing costs is what war IS

[nospam007]

Killing a bunch of unmarried 19 year-olds doesn't cost anything, one man, one excavator can deal with that in a couple of days.

That's why they forbade hollow points, so that most soldiers only get wounded, need medical help, transportation, pay, feeding, artificial limbs, the costs are gigantic.

"we have taken actions and we have imposed costs"

[Klaxton]

I hope effective things have been done, but this was a uselessly vague claim. Really just some blustering. Something along the lines of "We have infiltrated and compromised several major ransomware organizations" would be nice to hear about. Even if it didn't really happen it would sow distrust amongst the bad guys. "We have identified payment trails and know who many of the culprits are" would be a good accomplishment. "We have identified threat infrastructure and taken action to disable or neutralize it" could be a good first step.

Re:

[mcswell]

My guess:

Ransomware people: My computer just bricked, must be that darned Microsoft software.

Cybercom: We got you. You know who you are.