“In general, we would discourage paying the ransom because it encourages more of these attacks, and frankly, there is no guarantee whatsoever that you are going to get your data back,” Wray testified before a U.S. Senate appropriations panel.
The Justice Department has disclosed it managed to help the Colonial Pipeline Co recover some $2.3 million in cryptocurrency ransom it paid to hackers – an attack that led to widespread shortages at gas stations on the East Coast.
The FBI was able to recover those funds because it had a private key that it was able to use to unlock a bitcoin wallet holding most of the money. It was unclear how the FBI managed to access the key.
Bitcoin seizures by the federal government are relatively uncommon, but authorities have been stepping up their expertise in tracking the flow of digital money.
Wray said on Wednesday that the FBI is seeing increasingly sophisticated types of ransomware attacks and that cyber thieves have been demanding larger sums of money.
“We’ve seen the total volume of the money paid I think triple over the last year or so,” Wray said.
He said companies and municipal governments who become victims of ransomware attacks should consider going to the FBI as soon as possible, and not wait.
“When they do, there’s all kinds of things that we can do,” Wray said.
“Sometimes through other work we’ve done, we might have the decryption key and be able to help the company unlock their data without having to pay the ransom,” he added.