Washington – The FBI director told lawmakers Thursday that even if a major company participated in a multi-million dollar deal aimed at bringing the system back online last month, the agency discouraged ransomware payments to hacking groups. He said he was.
“It is our policy that businesses should not pay the ransom for many reasons, and our guidance from the FBI,” Christopher Ray said in a question from members of the House Judiciary Committee. I testified.
In addition to the fact that such payments can facilitate additional cyberattacks, victims may not be able to automatically retrieve data despite millions of forks.
In a ransomware attack, a hacker locks and encrypts the victim’s data and demands payment to return it. They have grown in scale over the past year, targeting not only hospitals and police agencies, but also critical infrastructure and critical industries. Some major corporate goals these days have been addressed by paying ransoms, fearing that long-term outages could have catastrophic consequences for the country and disrupt critical supply chains. I will.
The Colonial Pipeline, which transports about 45% of the fuel consumed on the East Coast, paid a ransom of 75 Bitcoin last month in hopes of bringing the system back online.
On Wednesday, JBS SA, the world’s largest meat processing company, revealed that it paid $ 11 million worth of hackers who broke into computer systems last month.
Colonial Pipeline CEO Joseph Brant made the decision to pay the ransom this week the most difficult choice in his career, but the final, especially given the gas shortages that surfaced within days in parts of the United States. He said it was correct. He said the key given to the company to decrypt the data did not work perfectly, but Colonial resumed operations after a brief shutdown.
The Justice Department states that it was able to recover most of the ransomware payments after finding the virtual wallet used by the hacker. In addition to assisting the enterprise in this way, Ray said the FBI was able to obtain the hacker’s encryption key and unlock the seized data without payment in certain cases. I did.
“There are many things we can do to prevent this activity from happening if we contact, coordinate and work closely with law enforcement agencies, whether or not we pay the ransom,” he said. “I think that’s the most important part.”
Follow Eric Tucker on http://www.twitter.com/etuckerAP
Copyright 2021 Associated Press. all rights reserved. This material may not be published, broadcast, rewritten, or redistributed without permission.
Despite recent trends, the FBI frowns on ransomware payments
Source link Despite recent trends, the FBI frowns on ransomware payments