The assistant director of the FBI’s cyber division recommended that the US not ban ransomware payments at a hearing of the Committee on the Judiciary of the US Senate earlier this week.
At the Senate committee hearing, assistant director of the FBI’s cyber division Bryan Vorndran warned against making ransomware payments illegal, arguing that a ban would drive the extortion payments victims make to criminals to decrypt their data underground.
According to Vorndran, criminalising such activities would not encourage victims to come forward to the FBI, thus hampering the FBI’s ability to track and trace cyber criminals.
“[If] you ban ransom payments, now you are putting US companies in a position of another extortion, which is being blackmailed for paying the ransom and not sharing that with authorities,” he said.
Vorndran noted that the threat of ransomware wasn’t a new phenomenon, and that the FBI has risen to the growing ransomware challenge over recent years.
“In 2018, for example, we eliminated the threat from a highly impactful ransomware variant called SamSam that infected victims in nearly every US state, including the city of Atlanta, the Port of San Diego, and multiple major healthcare companies. Our investigation led to a November 2018 indictment of the responsible Iranian cyber criminals and sanctions against two digital currency exchanges that enabled their operations; this ransomware variant has not been seen since,” he said.
However, while the FBI has scaled its ability to combat online crime, the sophistication of cyber criminals has increased, too.
“The increasingly sophisticated and targeted nature of ransomware campaigns has significantly increased their impacts on US businesses, and ransom demands are growing larger. Simultaneously, 'ransomware-as-a-service' (RaaS), in which a developer sells or leases the ransomware tools to their criminal customers, has decreased the barrier to entry and technological savvy needed to carry out and benefit from these compromises and increased the number of criminals conducting ransomware campaigns. As this has happened, the number of ransomware variants has grown; today, we have investigations into more than 100 variants, many of which have been used in multiple ransomware campaigns,” Vorndran added.
Despite advising against criminalising ransomware payments, he also advised against making the decryption payment.
According to the assistant director, the payment of ransoms to cyber criminals to decrypt data not only fills their coffers but also emboldens their business strategy.