said the agency was investigating about 100 different types of ransomware, many of which trace back to hackers in Russia, and compared the current spate of cyberattacks with the challenge posed by the Sept. 11, 2001, terrorist attacks.
“There are a lot of parallels, there’s a lot of importance, and a lot of focus by us on disruption and prevention,” Mr. Wray said in an interview Thursday. “There’s a shared responsibility, not just across government agencies but across the private sector and even the average American.”
Mr. Wray’s comments—among his first publicly since two recent ransomware attacks gripped the U.S. meat and oil-and-gas industries—come as senior Biden administration officials have characterized ransomware as an urgent national-security threat and said they are looking at ways to disrupt the criminal ecosystem that supports the booming industry. Each of the 100 different malicious software variants are responsible for multiple ransomware attacks in the U.S., Mr. Wray said.
SHARE YOUR THOUGHTS
What are your greatest concerns about cyber issues? Join the conversation below.
Ransomware is a type of malicious computer code that locks up a victim network’s files that hackers use to demand payment for their release, typically with digital currency such as bitcoin.
This week, hackers held hostage the world’s largest meat processor, just weeks after the operator of an essential pipeline bringing gasoline to parts of the East Coast paid about $4.4 million to regain control of its operations and restore service.
Senior officials at the Federal Bureau of Investigation for years have likened the need to confront rising cyber threats to the post-9/11 scramble against international terrorism. But Mr. Wray said the wave of recent ransomware attacks had spotlighted the toll cyberattacks can have on all Americans.
“Now realizing it can affect them when they’re buying gas at the pump or buying a hamburger—I think there’s a growing awareness now of just how much we’re all in this fight together,” Mr. Wray said.
While the most prominent of the recent ransomware hacks disrupted gasoline deliveries and took meat-processing plants temporarily offline, they represent only a fraction of the some 100 types of ransomware the FBI is investigating, Mr. Wray said. “Those are just two,” he said, adding that each of those 100 different malicious software variants had affected between a dozen and 100 targets.
“The scale of this problem is one that I think the country has to come to terms with,” he said.
Complaints to the FBI and reports from the private sector show ransomware incidents have tripled in the past year, Mr. Wray said. While private-sector estimates of the toll to the U.S. economy vary, companies that track ransomware generally put the cost at hundreds of millions or billions of dollars annually and say it is rapidly increasing.
U.S. authorities have attributed this week’s attack on
the world’s biggest meat company by sales, to a criminal ransomware gang in Russia, and the White House has said President Biden planned to bring up the problem during a summit with Russian President
in Geneva planned for June 16. Mr. Biden said he would look closely at whether to retaliate against Russia for the attacks.
In the interview, Mr. Wray singled out Russia as harboring many of the known users of ransomware, providing a haven that security experts and U.S. officials have said has allowed criminal ransomware gangs to flourish throughout Eastern Europe.
“Time and time again, a huge portion of those traced back to actors in Russia. And so, if the Russian government wants to show that it’s serious about this issue, there’s a lot of room for them to demonstrate some real progress that we’re not seeing right now,” Mr. Wray said.
Mr. Wray, who has led the bureau since 2017, has about six years remaining in his 10-year term, and Mr. Biden has said he planned to keep Mr. Wray in the post. He has kept a low profile during his tenure, as the FBI faced criticism from former President
who publicly and privately contemplated firing Mr. Wray. In his few public appearances during the pandemic, Mr. Wray has pushed the private sector and international community to collaborate more with the FBI to battle hackers, including those from criminal gangs and foreign intelligence services seeking information from U.S. companies or institutions.
While the FBI has a policy of discouraging targets of such cyberattacks from paying the ransom, Mr. Wray said the agency was more interested in having companies cooperate with the bureau in their investigations into the attacks, to help piece together the puzzle of who was behind the attacks and figure out ways to thwart them.
On Thursday, Deputy Attorney General Lisa Monaco issued a memorandum to U.S. attorney’s offices around the country urging all ransomware investigations to be coordinated with a task force created in April.
Mr. Wray said coordination can pay off for ransomware victims and law enforcement alike. “I don’t want to suggest that this is the norm, but there have been instances where we’ve even been able to work with our partners to identify the encryption keys, which then would enable a company to actually unlock their data—even without paying the ransom,” he said.
Cybersecurity experts who have tracked the proliferation of ransomware attacks for years said they were encouraged by signals from Mr. Wray and others in the Biden administration that the issue had been elevated to a top national-security priority, but said the problem remained vexing.
“We will have to be creative and aggressive if we want to turn back the tide of this problem,” said John Hultquist, vice president of analysis at the cybersecurity firm Mandiant. Security researchers have cited huge profit margins, ease of payments through digital currency and lack of criminal consequences as difficult-to-solve factors contributing to the rise of ransomware.
Other senior administration officials this week echoed Mr. Wray’s call for coordination, saying the government can only do so much to combat ransomware gangs when the targets largely are private companies, most of which operate with little to no federal regulatory oversight of their cybersecurity standards.
Some Republicans have pressed the Biden administration to be more forceful in its response to ransomware and explain more clearly what penalties exist for hackers who target critical infrastructure.
“The danger from cyberattack is real, and we need more urgent cooperation between our public and private sectors, and more severe consequences for global cyber attackers,”
Sen. Ben Sasse
(R., Neb.) said after the JBS hack was disclosed this week.
the White House deputy national security adviser for cyber and emerging technology, sent a memo to corporate executives and business leaders this week urging companies to “immediately convene their leadership teams to discuss the ransomware threat and review corporate security posture and business continuity plans to ensure you have the ability to continue or quickly restore operations.”
In the memo, a copy of which was reviewed by The Wall Street Journal, Ms. Neuberger said the Biden administration was working with other countries to hold ransomware gangs accountable.
“But we cannot fight the threat posed by ransomware alone,” Ms. Neuberger said. “The private sector has a distinct and key responsibility. The federal government stands ready to help you implement these best practices.”
Write to Aruna Viswanatha at Aruna.Viswanatha@wsj.com and Dustin Volz at firstname.lastname@example.org
Copyright ©2020 Dow Jones & Company, Inc. All Rights Reserved. 87990cbe856818d5eddac44c7b1cdeb8