Deputy Attorney General Rod Rosenstein speaking at the Clearing House Association's annual conference. Deputy Attorney General Rod Rosenstein speaking at the Clearing House Association's annual conference. Photo credit: U.S. Department of Justice

Deputy U.S. Attorney General Rod Rosenstein has taken direct aim at cybercrime, and what he sees as irresponsible encryption.

Since Oct. 4, Rosenstein has delivered at least seven speeches, including one at a global cybersecurity summit in London, that have detailed the magnitude of the cybercrime problem, stressed the importance of public-private partnerships to combat it, and assailed the evils of encrypted phones and computers that law enforcement can't search.

His latest speech came Thursday at a Baltimore breakfast meeting of the BWI Business Partnership, a group of business leaders plus local, state and federal government leaders in central Maryland. “The threat that cybercriminals pose to public entities and private businesses is substantial,” Rosenstein said. “A single intrusion could mean economic loss, bankruptcy, and in some cases, even loss of human life.”

A day earlier he spoke of combating cybercrime to leaders from the financial services industry gathered in New York for the Clearing House Association's annual conference.

In both speeches he cited a recent report predicting that the “staggering” cost of cybercrime annually will double from $3 trillion in 2015 to $6 trillion in 2022.

He also cited cases of notorious hacking incidents, ransomware attacks and denial of service attacks.

“Every business is responsible for protecting its own systems against cyberattacks,” he said. “But unilateral action is not sufficient to address the growing global cyber threat. Private-public partnerships are critical to combating this problem.”

Rosenstein said businesses can help by securing their systems as much as possible against criminal attacks, by notifying law enforcement immediately of any attack, and by cooperating with law enforcement investigators after an attack.

“Law enforcement has tools that are not available to the private sector,” he said. “In the long run, a swift and decisive response that involves cooperation with law enforcement is more likely to be effective and sends a strong signal to your customers that you responded with the necessary urgency.”

But he reserved some of his strongest words, in all seven speeches, for “warrant-proof encryption” and for the possible “grave consequences” of such designs.

He cited the case of the recent mass shooting at the First Baptist Church in Sutherland Springs, Texas.

“When you shoot dozens of innocent American citizens, we want law enforcement to investigate your communications and stored data,” he said. But the FBI has been unable to crack the encryption on the perpetrator's phone.

Rosenstein concluded, “Maybe we eventually will find a way to access the data. But it costs a great deal of time and money. In some cases, it surely costs lives. That is a very high price to pay.”

Deputy Attorney General Rod Rosenstein speaking at the Clearing House Association's annual conference. Deputy Attorney General Rod Rosenstein speaking at the Clearing House Association's annual conference. Photo credit: U.S. Department of Justice

Deputy U.S. Attorney General Rod Rosenstein has taken direct aim at cybercrime, and what he sees as irresponsible encryption.

Since Oct. 4, Rosenstein has delivered at least seven speeches, including one at a global cybersecurity summit in London, that have detailed the magnitude of the cybercrime problem, stressed the importance of public-private partnerships to combat it, and assailed the evils of encrypted phones and computers that law enforcement can't search.

His latest speech came Thursday at a Baltimore breakfast meeting of the BWI Business Partnership, a group of business leaders plus local, state and federal government leaders in central Maryland. “The threat that cybercriminals pose to public entities and private businesses is substantial,” Rosenstein said. “A single intrusion could mean economic loss, bankruptcy, and in some cases, even loss of human life.”

A day earlier he spoke of combating cybercrime to leaders from the financial services industry gathered in New York for the Clearing House Association's annual conference.

In both speeches he cited a recent report predicting that the “staggering” cost of cybercrime annually will double from $3 trillion in 2015 to $6 trillion in 2022.

He also cited cases of notorious hacking incidents, ransomware attacks and denial of service attacks.

“Every business is responsible for protecting its own systems against cyberattacks,” he said. “But unilateral action is not sufficient to address the growing global cyber threat. Private-public partnerships are critical to combating this problem.”

Rosenstein said businesses can help by securing their systems as much as possible against criminal attacks, by notifying law enforcement immediately of any attack, and by cooperating with law enforcement investigators after an attack.

“Law enforcement has tools that are not available to the private sector,” he said. “In the long run, a swift and decisive response that involves cooperation with law enforcement is more likely to be effective and sends a strong signal to your customers that you responded with the necessary urgency.”

But he reserved some of his strongest words, in all seven speeches, for “warrant-proof encryption” and for the possible “grave consequences” of such designs.

He cited the case of the recent mass shooting at the First Baptist Church in Sutherland Springs, Texas.

“When you shoot dozens of innocent American citizens, we want law enforcement to investigate your communications and stored data,” he said. But the FBI has been unable to crack the encryption on the perpetrator's phone.

Rosenstein concluded, “Maybe we eventually will find a way to access the data. But it costs a great deal of time and money. In some cases, it surely costs lives. That is a very high price to pay.”