Chris Butera said the government does not encourage ransom paying but “understands” if private companies disagree.
Chris Butera, head of Threat Hunting for the Cybersecurity and Infrastructure Security Agency (CISA), said ransomware has “continued to increase, especially in our state, local governments, as well as our critical instructor space.”
The ransomware actors have become more brazen,” he said during a virtual summit Wednesday. “They’ve started to exfiltrate data and try to extort payments.”
Ransomware attacks have increasingly targeted American interests, most recently shutting down U.S. meat plants affiliated with the world’s largest meatpacker, Brazil-based JBS, earlier this week.
Butera said the government does not encourage companies to pay out ransoms on cyber-attacks but said the administration “understands” if private companies disagree.
“The government does not advocate paying ransoms,” Butera said. “But we do understand that it is a significant, difficult decision for some of these organizations when they are put under the gun to try to manage their business operations during these times.”
The Biden administration’s stance on handling ransomware aligns with the government’s traditional attitude when it comes to paying ransom to any criminal or terrorist group.
Kitchen pointed to the monumental consequences private companies face when targeted by ransomware, including significant financial loss and potentially devastating shortages for consumers.