House Dem calls for Oversight hearings on ransomware

House Dem calls for Oversight hearings on ransomware
© Greg Nash

Rep. Ted Lieu (D-Calif.) on Wednesday urged the House Oversight Committee to hold a hearing on the threat of so-called ransomware, a kind of computer virus that holds computers hostage until the user pays a ransom.

Lieu wrote that a "hearing is needed to shed light on the growing threat of ransomware, outline best practices to mitigate it, and identify the most critical areas for improvement in both the public and private sectors."

His letter to Oversight Chairman Jason ChaffetzJason ChaffetzThe myth of the conservative bestseller Elijah Cummings, Democratic chairman and powerful Trump critic, dies at 68 House Oversight panel demands DeVos turn over personal email records MORE (R-Utah) and ranking Democrat Elijah Cummings (Md.) comes in the wake of reports that hackers locked down the San Francisco Municipal Transportation Agency, known as Muni.

ADVERTISEMENT

Experts say cyber criminals are netting millions of dollars a year from ransomware, a malicious virus that encrypts data on an internal computer system and allows hackers to demand payment in exchange for a decryption key.

The FBI has said that its use is on the rise, with victims reporting $290 million in total costs from the attacks in the first three months of 2016, compared with $24 million for all of 2015.

The technique was thrust into the spotlight earlier this year when Hollywood Presbyterian Medical Center announced it had paid hackers a $17,000 ransom to regain access to its locked systems.

The federal government has not been immune from the attacks.

More than two dozen federal agencies were hit by attempted ransomware attacks between July 2015 and March 2016, according to the Department of Homeland Security (DHS).

The DHS said 29 agencies have reported 321 incidents of ransomware-related activity during that period. But in no case did the agencies have to pay up, as the ransomware was not able to successfully infect the government's networks.

ADVERTISEMENT

The Department of Justice has acknowledged that “many state and local government victims” have also reached out to the FBI for help fighting ransomware attacks, although it has not given specific numbers.

Reportedly, local police departments have paid ransoms between $300-500 to unlock their systems.

Ransomware has affected the Muni since the weekend, forcing it to give customers free rides as the system deals with the attack.

The light rail system says it will not pay hackers to restore its systems after the attack.

"We have never considered paying the ransom," Muni spokesman Paul Rose told the trade publication Bank Info Security. "We have an IT team that can fully recover our systems, and they are doing that."