The Post

FBI warns companies against paying ransom


Companies and organisations that are victims of ransomware attacks shouldn’t pay hackers to unlock their data and should quickly contact law enforcement, which opens up the possibility of creative solutions, FBI Director Christopher Wray said.

‘‘It is our policy, it is our guidance from the FBI, that companies should not pay the ransom,’’ Wray told the House Judiciary Committee at a hearing yesterday.

US companies and government agencies are reeling from recent ransomware attacks that have disrupted critical services, from a major oil pipeline to a beef producer and hospitals.

The attacks have ignited a national debate over whether victims should pay ransom, which can reach millions of dollars. Meat producer JBS USA said it paid US$11 million (NZ$15.3m) to criminals responsible for a May 30 ransomware attack that disrupted its operations across North America and Australia. Colonial Pipeline Co. paid US$4.4m, or 75 bitcoin, in ransom after a hack that forced it to shut the largest fuel pipeline in the US on May 7, driving up gasoline prices and sparking shortages at filling stations.

‘‘The Biden administration basically gave a wink and a nod to paying off the thugs,’’ Rep. Steve Chabot, an Ohio Republican, said during the hearing with Wray. ‘‘Don’t we need to clarify the policy relative to paying off criminals?’’

The White House’s National Security Council issued a statement on Thursday saying ‘‘the administration has been very clear: private companies should not pay ransom. It encourages and enriches these malicious actors, continues the cycle of these attacks, and there is no guarantee companies get their data back.’’

But last month Anne Neuberger, the deputy national security adviser for cyber and emerging technologies, told reporters that ‘‘typically that is a private sector decision, and the administration has not offered further advice at this time’’.

Wray said companies under attack should contact the FBI as soon as possible so that law enforcement can help take action in response, potentially obtaining encryption keys used by hackers.

The Justice Department recouped 63.7 bitcoin that hackers stole from Colonial. Because of the declining value of bitcoin since the Colonial ransom was paid, the US seizure in late May amounted to $2.3m, just over half the ransom paid weeks earlier.

Dividing along partisan lines, lawmakers pursued other controversies in questioning the FBI chief.

Democrats cited apparent intelligence failures leading up to the January 6 attack on the US Capitol by a mob of supporters of former President Donald Trump.

Rep. Steve Cohen, a Tennessee Democrat, asked Wray whether the FBI is investigating provocation of the crowd by Trump, whom Cohen called ‘‘Mr Big – No. 1.’’

Wray declined to comment on specific investigations.
