A new report from Sen. Rob Portman (R-Ohio) released Thursday reveals a dramatic rise in ransomware attacks in the U.S.—and says the FBI is negligent in helping victims.
The report, released by Portman in his role as the ranking member of the Committee on Homeland Security and Governmental Affairs, describes the FBI’s inability to help companies that have been victims of ransomware attacks. The Senate committee studied three cases of ransomware attacks against U.S. companies in the past five years. All companies interviewed by the committee reported their case to the FBI, but only two pursued assistance from the Bureau.
All attacks studied by the Committee were committed by REvil, a notorious Russian ransomware group that drew heavy scrutiny from U.S. officials after major attacks on software company Kaseya and meat supplier JBS last year.
The companies are not named in the report to protect them from retaliation, but the report says both companies that sought FBI assistance found the Bureau’s response lacking.
“They told the Committee that the Federal Bureau of Investigation (FBI) prioritized its investigative efforts into REvil’s operations over protecting the companies’ data and mitigating damage,” the report notes. “Both companies also indicated they did not receive advice on best practices for responding to a ransomware attack or other useful guidance from the Federal Government.”
The report also claimed that ransomware attacks were up 98 percent from 2020 to 2021 and found that cryptocurrency is to blame, at least in part.
“Cryptocurrency exchanges allowed cybercriminals to receive instant and anonymous payments outside of traditional financial institutions,” the report states. “Armed with this newfound convenience and anonymity, cybercriminals realized they could make millions in just a few weeks. Once someone sets up a Bitcoin wallet linked to an exchange, transactions to and from that wallet are not easily traceable to a specific person.”
In the case of “Entity A,” a Fortune 500 company that asked for FBI assistance after a ransomware attack, the FBI offered the company a hostage negotiator with no experience in ransomware attacks, according to the report.
The report cites a new bill, co-sponsored by Portman and signed into law last week, as a game changer for ransomware action. The law will require critical infrastructure companies to report ransomware attacks to the Cybersecurity and Infrastructure Security Agency within 72 hours of an attack, and ransomware payments within 24 hours.
“The Biden administration should work quickly to implement my recently enacted bipartisan Cyber Incident Reporting Act,” Portman said in the report. “This law will help prevent future cyberattacks by facilitating increased information sharing and enhance the federal government’s cyber defense and investigative capabilities.”