A week after seeking information on ransom pay from two other ransomware victims, Rep. Carolyn Maloney, D-N.Y., chairwoman of the House Committee on Oversight and Reform, sent a June 10 letter to JBS Foods USA asking for information about its reported decision to pay an $11 million ransom, the committee announced.
Like in the cases of her letters to Colonial Pipeline and CNA Financial, Maloney is looking for any and all documents JBS USA has related to its decision to pay the ransom despite having the capability to bring the system back online with its own backups.
The FBI has blamed Russian ransomware group REvil for the attack. That adds to the growing list of ransomware attacks by Russian-based groups. It’s a topic President Biden plans on broaching with Russian President Vladimir Putin next week. Appearing before Congress this week, Colonial Pipeline’s CEO asked for government help putting pressure on host countries.
“I am deeply troubled by this and similar ransomware attacks,” Maloney wrote. “Any ransom payment to cybercriminal actors like REvil sets a dangerous precedent that increases future risk of ransomware attacks. Congress needs detailed information about the attack to legislate effectively on ransomware and cybersecurity in the United States.”
In addition to all documents relating to the payment of the ransom, Maloney is also seeking all communications the company had about the discovery of the ransomware attack itself, conversations with the attackers about the ransom payment or encryption tool, the purchase of the cryptocurrency, and more. The $11 million ransom payment was transferred in Bitcoin.
Maloney wants JBS USA to send all of these documents over to the committee by June 24.