Federal agents are investigating about 100 different types of ransomware, FBI Director Christopher Wray revealed in a new interview, in which he compared the security challenges posed by cyberthreats to the terror threat of 9/11.
Speaking to the Wall Street Journal in an interview published Thursday, Wray made the comments in the wake of two recent ransomware attacks that sent meat and gas prices skyrocketing as suppliers were left unable to move their products.
"There are a lot of parallels, there’s a lot of importance, and a lot of focus by us on disruption and prevention," Wray said, referring to this month’s hack against JBS Foods, the world’s largest meat supplier, and a similar attack on Colonial Pipeline in May that disrupted the flow of gasoline.
"There’s a shared responsibility, not just across government agencies but across the private sector and even the average American," he said.
Ransomware is a malicious software that locks up a user’s data. Hackers typically demand money, most frequently in cryptocurrency, to unlock or return the affected data.
The FBI has blamed the Russia-based criminal group DarkSide for the Colonial Pipeline attack, in which the company paid $4.4 million in ransom in order to regain access to its systems.
Of the 100 different malicious software variants that exist, every single one was responsible for multiple ransomware attacks in the US, Wray told the paper, noting at one point, "The scale of this problem is one that I think the country has to come to terms with."
The FBI director said the impacts of the recent attacks were visible to the American people.
"Now realizing it can affect them when they’re buying gas at the pump or buying a hamburger — I think there’s a growing awareness now of just how much we’re all in this fight together," Wray said.
As for the origin of these attacks, which the bureau has seen complaints for triple in the past year, he singled out Russia.
While the Kremlin itself has not been directly implicated, the country has provided safe haven to hackers to conduct their damaging work.
"Time and time again, a huge portion of those traced back to actors in Russia," Wray said. "And so, if the Russian government wants to show that it’s serious about this issue, there’s a lot of room for them to demonstrate some real progress that we’re not seeing right now."
While Colonial Pipeline paid its multimillion-dollar ransom, the FBI’s policy discourages doing so.
Wray told the paper the bureau was more focused on getting those affected companies to cooperate with it in hopes of figuring out how to thwart future attacks.
"I don’t want to suggest that this is the norm, but there have been instances where we’ve even been able to work with our partners to identify the encryption keys, which then would enable a company to actually unlock their data — even without paying the ransom."
As the FBI continues its work, Reuters reported Thursday that the Justice Department has begun elevating investigations of ransomware attacks to a priority similar to terrorism.
Internal guidance sent Thursday to U.S. attorneys’ offices across the country said information about ransomware investigations in the field should be centrally coordinated with a recently created task force in Washington.
"It’s a specialized process to ensure we track all ransomware cases regardless of where it may be referred in this country, so you can make the connections between actors and work your way up to disrupt the whole chain," John Carlin, principal associate deputy attorney general at the Justice Department, said of the guidance.