On Friday, Harry R. Haldeman, the District Attorney for Los Angeles, filed suit in 14th US District Court against asking the Court to order General Buck Turgidson (USA, Ret), the director of the US Critical Infrastructure Security Operations Center to make available to prosecutors in the United States the tool known as “Bitcoin Tracker”. Haldeman claims that the tool used in recent attacks reported by CI-SOC would allow government to track, identify and prosecute the actors behind the recent spate of ransomware attacks.
Haldeman told reporters today that he had talked to Turgidson immediately after the ransom recovery had been announced by CI-SOC last week about obtaining access to the tool. “Buck told me that CI-SOC was not releasing the tool for National Security reasons.” Haldeman said, “I have done some additional checking and it does appear that he has gotten into some hot water with the national security establishment for even announcing that the tool existed. But at this point the cat is out of the bag and we need access to this invaluable tool to put a stop to the ransomware epidemic.”
Turgidson would not comment, citing federal rules about not commenting on ongoing litigation. An official working at CI-SOC who cannot be named confirmed that Turgidson had been reprimanded for discussing the tool. “The counterterror folks have been using this tool for over a year now to track money flow to various terrorist organizations,” the official said, “It has helped them to identify both sources of funding and the places where the moneys have been used to fund operations. The concern is now that the bad guys know that we have the tool, that they will start to use some different method of moving money around.”
According to another source in the government, Turgidson knew about these concerns when he released the information. He reportedly felt that the current ransomware threat was a more immediate and widespread threat to the safety of the country than was the current level of terrorism. The announcement of the possession of the tool, according to sources close to the Director, was made to let the ransomware community know that they were no longer protected by the expected anonymity of the Bitcoin service.
If that was the case, one source was asked, why has Turgidson refused to turn over the tool to prosecutors like Haldeman? “It is not as simple as turning over a disc for someone else to use. The process is complicated and uses resources that not currently available outside of the intelligence community.”