The US House Committee on Oversight and Reform has insisted on answers from the FBI over its three-week delay in providing decryption keys to businesses attacked by REvil ransomware.
"To understand the FBI's decision, the lawmakers are requesting a briefing from the FBI on its legal and policy rationale for withholding the ransomware key, as well as the FBI's overall strategy for addressing, investigating, preventing, and defeating ransomware attacks," the Committee said in a statement.
In a letter addressed to FBI Director Chris Wray, Committee Chairwoman Carolyn Maloney and ranking member Rep. James Comer said that the FBI withheld this tool for nearly three weeks as it worked to disrupt the attack, potentially costing the ransomware victims — including schools and hospitals — millions of dollars.
“Earlier this summer, a Florida-based software company was the victim of a ransomware attack that compromised between 800 and 1,500 businesses around the world,” the committee heads said.
"Congress must be fully informed whether the FBI's strategy and actions are adequately and appropriately addressing this damaging trend,” they said.
“Ransomware hackers have shown their willingness and ability to inflict damage on various sectors of the US economy. Congress must be fully informed whether the FBI's strategy and actions are adequately and appropriately addressing this damaging trend."
The FBI obtained the decryption keys by accessing servers of the Russian-based hackers involved in the attacks this July, according to the Washington Post. The FBI held the keys as part of an operation to disrupt the hackers and did not want to alert them of it. However, before the FBI had a chance to mount a counterattack, REvil’s platform went offline.
In his testimony in front of Congress last week, Director Wray blamed the delay on other law enforcement agencies who asked the FBI not to disseminate the keys. He added there were limits to what he could say because investigations are ongoing.
“We make the decisions as a group, not unilaterally,” he said. Wray added that there are “complex… decisions, designed to create maximum impact, and that takes time in going against adversaries where we have to marshal resources not just around the country but all over the world."
Congress demanded a response from the FBI over the allegations by October 6.
-
What does modern security success look like for financial services?Sponsored As financial institutions grapple with evolving cyber threats, intensifying regulations, and the limitations of ageing IT infrastructure, the need for a resilient and forward-thinking security strategy has never been greater
-
Yes, legal AI. But what can you actually do with it? Let’s take a look…Sponsored Legal AI is a knowledge multiplier that can accelerate research, sharpen insights, and organize information, provided legal teams have confidence in its transparent and auditable application
-
Volkswagen confirms security ‘incident’ amid ransomware breach claimsNews Volkswagen has confirmed a security "incident" has occurred, but insists no IT systems have been compromised.
-
The number of ransomware groups rockets as new, smaller players emergeNews The good news is that the number of victims remains steady
-
Teens arrested over nursery chain Kido hacknews The ransom attack caused widespread shock when the hackers published children's personal data
-
NCA confirms arrest after airport cyber disruptionNews Disruption is easing across Europe following the ransomware incident
-
Cyber professionals are losing sleep over late night attacksNews Hackers are biding their time and launching attacks when businesses can’t respond
-
Prolific ransomware operator added to Europe’s Most Wanted list as US dangles $10 million rewardNews The US Department of Justice is offering a reward of up to $10 million for information leading to the arrest of Volodymyr Viktorovych Tymoshchuk, an alleged ransomware criminal.
-
Jaguar Land Rover “did the right thing” shutting down systems to thwart cyber attackNews The attack on Jaguar Land Rover highlights the growing attractiveness of the automotive sector
-
Ransomware attack on IT supplier disrupts hundreds of Swedish municipalitiesNews The attack on IT systems supplier Miljödata has impacted public sector services across the country
