The sabotage of an FBI server, which resulted in a fake alert purportedly distributed by the Department of Homeland Security, should be considered a “tipping point” in the nation’s fight against cybercrime, according to Rep. Carolyn B. Maloney (D-NY), chair of the House Oversight and Reform Committee.
Maloney’s remarks came as the committee began hearings on a new cybersecurity review on Tuesday.
The review focused on three recent ransomware attacks — against CNA Financial Corporation, Colonial Pipeline, and the meat processor JBS Foods — but the FBI attack drew lawmakers’ attention, according to The Washington Post.
Rep. James Comer (Ky.), the committee’s top Republican, warned in his opening statement that “hackers’ ability to penetrate the FBI’s systems could result in catastrophic consequences and chaos.”
The FBI attributed the breach to a “software misconfiguration.” According to the bureau, no personally identifiable information was exposed, and the vulnerability was “quickly remediated.”
The review warned that businesses targeted by ransomware hackers are at a disadvantage at every stage of the attack. They frequently don’t know who to contact in the federal government for assistance, and the companies are under intense pressure to pay ransoms as soon as possible in order to restore their computer systems.
Hackers from the REvil gang, for example, told JBS that if their $22.5 million ransom demand was not met quickly, it would double. They also threatened to publish the company’s data if they were not paid within three days. JBS eventually agreed to pay a $11 million ransom.
At Tuesday’s hearing, National Cyber Director Chris Inglis, CISA Executive Director Brandon Wales, and FBI Assistant Director Bryan Vorndran were scheduled to testify.
The hearing comes just one day after President Joe Biden signed a $1.2 trillion infrastructure package that included $2 billion in cybersecurity funding.