By Emma Nitzsche
FBI Director Christopher Wray implored public companies and other hacking victims to stop paying ransom to cybercriminals. Wray’s statement comes after several major companies participated in multimillion-dollar transactions to regain control of their systems from hackers.
Wray testified before the U.S. Senate appropriations panel earlier this week. In his testimony, he stated that the FBI “discourages paying the ransom because it encourages more of these [cyber] attacks, and frankly, there is no guarantee whatsoever that you are going to get your data back.”
Earlier this month, the Colonial Pipeline paid a ransom of 75 bitcoin, roughly $4.4 million, in an attempt to get its operations back online after hackers broke into the central system. The cyberattack caused mass panic buying and gas shortages as Colonial supplies fuel for over 45% of the East Coast. Colonial’s CEO Joseph Blount said the decision to pay the ransom was the hardest decision of his career.
The Justice Department said it could recover 2.3 million in cryptocurrency ransom paid to the hackers by tracking down the bitcoin wallet holding most of the money. However, the White House reminded businesses that it has a limited ability to rescue them after a cyberattack.
“Business leaders have a responsibility to strengthen their cyber defenses to protect the American public and our economy,” said White House press secretary Jen Psaki.
Over 40 food companies have been targeted by ransomware gangs over the last year, including Molson Coors and E & J Gallo Winery. JBS SA, the world’s largest meat processing company, told the public that it paid approximately $11 million to hackers after its computer system was compromised last month.
The National Security Council’s top cyber official, Anne Neuberger, wrote an open letter to American companies urging them to take the risk of ransomware attacks far more seriously.
Herb Stapleton, deputy assistant director at the FBI’s Cyber Division, spoke at the Wall Street Journal Pro Cybersecurity Executive Forum about defending against cybercrime. On the panel, Stapleton reiterated the FBI’s position that victims should refrain from paying ransoms to hackers.
“That money is reinvested in the business models these illegal organizations have set up. In addition to lining their own pockets, it’s used to make them better and faster at the work they do,” said Stapleton.
If a business is under attack, the best thing to do is report the incident to the FBI as soon as possible. Stapleton said the FBI might have information that can help a business as it tries to reconstitute a network or figure out whether a breach persists on its system. However, if a company does pay the ransom, the FBI can still work with the business to track down the hacker and potentially recover any ransom payments.