FBI Director Christopher Wray said companies and organizations that are the victims of ransomware attacks should contact law enforcement quickly instead of paying to unlock their systems, Bloomberg reported.
Recent ransomware attacks have gone after bold targets, including critical services like gasoline and healthcare. A beef provider was also affected.
Those attacks have spurred debate on whether or not to pay ransom, according to Bloomberg. Ransom can often hit millions of dollars.
Meat producer JBS USA was one of those that paid the ransom, shelling out $11 million to hackers that disrupted its operations around North America.
And the Colonial Pipeline paid a $4.4 million, or 75 bitcoin, in ransom, to reopen its services after hacking group DarkSide locked it down.
Wray made his comments at a House Judiciary Committee hearing Thursday (June 10), Bloomberg reported.
At a separate hearing, two nominees for top cybersecurity jobs have echoed the same sentiments, saying they don’t think companies should pay ransom, according to Bloomberg.
Chris Inglis, who President Joe Biden nominated to serve as national cyber director, said it isn’t appropriate to pay ransom, but sometimes it is the only necessary thing to do in order to save lives or bring back “critical capabilities,” Bloomberg reported.
Jen Easterly, who has been nominated to lead the Cybersecurity and Infrastructure Security Agency, said she thinks her role would entail making sure that companies don’t get put in that position in the first place, through providing information for the private sector to prevent hacking, according to Bloomberg. She added those practices haven’t necessarily been effective thus far when they were voluntary, so they might have to be made mandatory.
In the case of the Colonial Pipeline, the U.S. government has since recovered a large chunk of the ransom that had been paid.
That happened because of the traceability of bitcoin and other digital offerings, PYMNTS reported. Blockchain transactions are recorded on distributed ledgers.