FBI Director Chris Wray is trotting out a version of “we don’t negotiate with terrorists,” on Wednesday telling potential hacking targets not to pay the ransoms demanded.
As the strategy goes, if you pay up then the bad guys will believe they can continue to attack public companies.
Appearing before a Senate appropriations committee, Wray advised potential targets against trusting that the hackers will be content to collect the money.
“In general, we would discourage paying the ransom because it encourages more of these attacks,” he said, “and frankly, there is no guarantee whatsoever that you are going to get your data back.”
The recent hacks of Colonial Pipeline and JBS Foods underscore the growing threat to businesses worldwide.
In the Colonial case, the company reportedly paid more than $4 million in ransom to get itself up and running again. Subsequently, the U.S. Justice Department was able to confiscate about $2.3 million in that cryptocurrency ransom by unlocking a bitcoin wallet that contained the funds.
While the FBI and other agencies are under pressure to find stronger ways to combat these threats, Wray emphasized there’s a great deal of tools at the agency’s disposal and he advises companies and municipal governments who are hacked to reach out to the FBI quickly.
“When they do, there’s all kinds of things that we can do,” Wray said.
“Sometimes through other work we’ve done, we might have the decryption key and be able to help the company unlock their data without having to pay the ransom.”
Wray said during his Wednesday comments that the agency is seeing increasingly complex ransomware attacks — and rising amounts of ransom money, which Wray said the FBI has seen “triple over the last year or so.”