Kellen Dwyer, Kim Peretti, and Emily Skahill of Alston & Bird write:
The Department of Justice dealt a blow to global cybercrime on April 6 with the takedown of a massive botnet controlled by “Sandworm”—the Russian General Staff Main Intelligence Directorate (GRU) unit responsible for the 2017 NotPetya attack, among others. This operation reflects the department’s strategy of prioritizing what it calls “disruptive capabilities” over long-term plays for arrests and extraditions. Not to be outdone, in the same week, Microsoft obtained a court order to seize seven domains being used by another GRU unit, best known as “Fancy Bear,” to target Ukrainian institutions. The two operations illustrate an important truth: The Justice Department’s best tools for fighting cybercrime can also be wielded by any private company willing to invest the necessary resources. And many companies have been eager to do so.
Read more at Lawfare.