
Senate report finds FBI response to ransomware attacks severely lacking

The FBI once sent a ransomware victim a hostage negotiator.

Jacob Seitz

Posted on Mar 24, 2022   Updated on Apr 11, 2022, 10:37 am CDT

A new report from Sen. Rob Portman (R-Ohio) released Thursday reveals a dramatic rise in ransomware attacks in the U.S.—and says the FBI is negligent in helping victims. 

The report, released by Portman in his role as the ranking member of the Committee on Homeland Security and Governmental Affairs, shows the FBI’s inability to help companies who have been victims of ransomware attacks. The Senate committee studied three cases of ransomware attacks against U.S. companies in the past five years. All companies interviewed by the committee reported their case to the FBI, but only two pursued assistance from the Bureau.

All attacks studied by the Committee were committed by REvil, a notorious Russian ransomware group that drew heavy scrutiny from U.S. officials after major attacks on software company Kaseya and meat supplier JBS last year.

The companies are not named in the report to protect them from retaliation, but the report says both companies that sought FBI assistance found the Bureau’s response lacking. 

“They told the Committee that the Federal Bureau of Investigation (FBI) prioritized its investigative efforts into REvil’s operations over protecting the companies’ data and mitigating damage,” the report notes. “Both companies also indicated they did not receive advice on best practices for responding to a ransomware attack or other useful guidance from the Federal Government.”

The report also claimed that ransomware attacks were up 98 percent from 2020 to 2021 and found that cryptocurrency is to blame, at least in part.

“Cryptocurrency exchanges allowed cybercriminals to receive instant and anonymous payments outside of traditional financial institutions,” the report states. “Armed with this newfound convenience and anonymity, cybercriminals realized they could make millions in just a few weeks. Once someone sets up a Bitcoin wallet linked to an exchange, transactions to and from that wallet are not easily traceable to a specific person.”

In the case of “Entity A,” a Fortune 500 company that asked for FBI assistance after a ransomware attack, the FBI offered the company a hostage negotiator with no experience in ransomware attacks, according to the report. 

The report cites a new bill, co-sponsored by Portman and signed into law last week, as a game changer for ransomware action. The law will require critical infrastructure companies to report ransomware attacks to the Cybersecurity and Infrastructure Security Agency within 72 hours of an attack, and ransomware payments within 24 hours.

“The Biden administration should work quickly to implement my recently enacted bipartisan Cyber Incident Reporting Act,” Portman said in the report. “This law will help prevent future cyberattacks by facilitating increased information sharing and enhance the federal government’s cyber defense and investigative capabilities.”


*First Published: Mar 24, 2022, 12:50 pm CDT