FBI Director Wray warns companies against paying ransom for hacking attacks

A logo sign outside of a Colonial Pipeline Company facility in Baltimore, Maryland. (Kristoffer Tripplaar/Sipa USA/TNS)

Companies and organizations that are victims of ransomware attacks shouldn’t pay hackers to unlock their data and should quickly contact law enforcement, which opens up the possibility of creative solutions, FBI Director Christopher Wray said.

“It is our policy, it is our guidance from the FBI, that companies should not pay the ransom,” Wray told the House Judiciary Committee at a hearing Thursday.

U.S. companies and government agencies are reeling from recent ransomware attacks that have disrupted critical services, from a major oil pipeline to a beef producer and hospitals. The attacks have ignited a national debate over whether victims should pay ransom, which can reach millions of dollars.

Meat producer JBS USA said it paid $11 million to criminals responsible for a May 30 ransomware attack that disrupted its operations across North America and Australia. Colonial Pipeline Co. paid $4.4 million, or 75 Bitcoin, in ransom after a hack that forced it to shut the largest fuel pipeline in the U.S. on May 7, driving up gasoline prices and sparking shortages at filling stations.

“The Biden administration basically gave a wink and a nod to paying off the thugs,” Rep. Steve Chabot, an Ohio Republican, said during the hearing with Wray. “Don’t we need to clarify the policy relative to paying off criminals?”

The White House’s National Security Council issued a statement Wednesday saying “the administration has been very clear: private companies should not pay ransom. It encourages and enriches these malicious actors, continues the cycle of these attacks, and there is no guarantee companies get their data back.”

But last month Anne Neuberger, the deputy national security adviser for cyber and emerging technologies, told reporters that “typically that is a private sector decision, and the administration has not offered further advice at this time.”

Wray said companies under attack should contact the FBI as soon as possible so that law enforcement can help take action in response, potentially obtaining encryption keys used by hackers.

The Justice Department recouped 63.7 Bitcoin that hackers stole from Colonial. Because of the declining value of Bitcoin since the Colonial ransom was paid, the U.S. seizure in late May amounted to $2.3 million, just over half the ransom paid weeks earlier.

Dividing along partisan lines, lawmakers pursued other controversies in questioning the FBI chief.

Democrats cited apparent intelligence failures leading up to the Jan. 6 attack on the U.S. Capitol by a mob of supporters of former President Donald Trump.

Rep. Steve Cohen, a Tennessee Democrat, asked Wray whether the FBI is investigating provocation of the crowd by Trump, whom Cohen called “Mr. Big — No. 1.” Wray declined to comment on specific investigations.

Republicans questioned Wray on whether what they called President Joe Biden’s “open border” with Mexico is leading to a surge of criminals and potential terrorists coming across the southern border. Wray said he would have to get back to the lawmakers with specific information.


© 2021 Bloomberg L.P.

Distributed by Tribune Content Agency, LLC