Companies and organizations that are victims of ransomware attacks shouldn’t pay hackers to unlock their data and should quickly contact law enforcement, which opens up the possibility of creative solutions, FBI Director Christopher Wray said.
“It is our policy, it is our guidance from the FBI, that companies should not pay the ransom,” Wray told the House Judiciary Committee at a hearing Thursday.
U.S. companies and government agencies are reeling from recent ransomware attacks that have disrupted critical services, from a major oil pipeline to a beef producer and hospitals. The attacks have ignited a national debate over whether victims should pay ransom, which can reach millions of dollars.
The National Security Council also issued a statement saying “the administration has been very clear: Private companies should not pay ransom. It encourages and enriches these malicious actors, continues the cycle of these attacks, and there is no guarantee companies get their data back.”
Meat producer JBS USA said it paid $11 million to criminals responsible for a May 30 ransomware attack that disrupted its operations across North America and Australia. Colonial Pipeline Co. paid $4.4 million, or 75-Bitcoin, in ransom after a hack that forced it to shut the largest fuel pipeline in the U.S. on May 7, driving up gasoline prices and sparking shortages at filling stations.
“The Biden administration basically gave a wink and a nod to paying off the thugs,”…