Cybersecurity

Capitol Hill zeroes in on ‘ransomware’ attacks

by Cory Bennett

Capitol Hill is stepping up pressure on the Obama administration to detail how it is combating the rise of digital extortion.

Rep. Derek Kilmer (D-Wash.) on Tuesday became the fourth lawmaker in as many months — and second member in the last week — to press the federal government on the these so-called ransomware attacks.

{mosads}In such attacks, hackers remotely lock computer files and demand ransom payments for their return. The scheme has exploded into a multimillion dollar industry in recent years yet baffled law enforcement and lawmakers.

In a letter to the Department of Homeland Security, Kilmer said ransomware poses a threat “to everyday Americans, law enforcement, government agencies and infrastructure, and sectors of our economy like healthcare and financial services.”

Federal data shows the FBI received 2,453 complaints about ransomware last year, costing victims over $24 million in hostage payments. But experts say those figures are dwarfed by the actual payments, which likely exceed half a billion dollars per year.

“Oftentimes victims feel they have no other choice but to pay hackers with their own money to get their data back,” Kilmer said.

Law enforcement has also struggled to curb the underground industry, as ransom payments are made via hard-to-trace digital currencies such as bitcoins and many of the perpetrators are protected by friendly Eastern European governments.

Kilmer’s memo is the second congressional letter the Obama administration has received regarding the tactic in the last week and the third since December.

Sen. Barbara Boxer (D-Calif.) last Friday asked the FBI for more details on a string of ransomware attacks targeting hospitals that have forced networks offline and, in some cases, led to extortion payments.

Sens. Ron Johnson (R-Wis.) and Tom Carper (D-Del.) — the leaders of the Homeland Security Committee — also asked the DHS and Justice Department for data on ransomware attacks.

The agency responses revealed that more than two dozen federal agencies have fought off attempted ransomware attacks.