After a second widespread ransomware attack in less than one month, two senators on the Intelligence Committee suggested Sunday that lawmakers should take increased measures to regulate and trace cryptocurrencies, the medium of exchange that’s become popular among hackers for allowing transactions to remain anonymous.
In an appearance on NBC News’ Meet the Press, Sen. Roy Blunt (R-Mo.) said, “The only way you can begin to get on top” of the “pervasive” ransomware problem is “to develop a pattern,” before launching into a critique of the anonymity provided by cryptocurrencies often used to pay ransoms.
“It took gasoline and beef for us to think this is really a serious problem,” Sen. Blunt said, referencing the attacks on Colonial Pipeline and meatpacker JBS, which sparked widespread gas shortages and meat-plant shutdowns, respectively; Colonial paid hackers $4.4 million in bitcoin, but it’s unclear whether JBS has paid a ransom.
Though he didn’t outline specific policy measures, Blunt said lawmakers shouldn’t allow cryptocurrencies to operate “behind the scenes,” calling them the “ransom payment of choice” for hackers and a “fairly easy” way to receive money for attacks without a trace.
“We have a lot of cash requirements in our country, but we haven’t figured out in the country or in the world how to trace cryptocurrency,” Blunt said Sunday, adding: “We’ve got to do a better job here.”
In a separate Meet the Press interview, Sen. Mark Warner (D-Va.), stopped short of saying ransomware payments should be outlawed but called for “more transparency” if a company does pay and said he has “a lot of questions” about cryptocurrencies now that lawmakers are “seeing . . . some of [their] dark underbelly.”
Warner, who years ago touted crypto’s “transformational” technology, also said the debate around crypto and ransomware “is just starting” and suggested that a more immediate solution to curbing cyberattacks “in the meantime” would be requiring companies to notify the government when they fall victim to hacks.
“What I’m really worried about is if we saw the kind of massive, across-the-system attack that took place last year, the SolarWinds attack,” Warner said Sunday, referencing a cyberattack by Russian hackers who unleashed a computer virus on 18,000 government and private networks worldwide. “If that attack had been an effort to shut down our system, our economy would have come to a halt.”
Though cryptocurrency regulation has been in the spotlight for the industry’s massive volatility, the recent attacks on Colonial Pipeline and JBS have shifted some focus to anonymity concerns. According to the Wall Street Journal Friday, the Biden Administration is examining the role cryptocurrencies played in both attacks and researching ways to trace cryptocurrency transactions, particularly through exchanges, which facilitate the transfer of funds. Among these efforts, Deputy National Security Advisor Anne Neuberger has started coordinating with international governments to determine when and how to trace payments.
U.S. Energy Secretary Jennifer Granholm affirmed Sunday that U.S. adversaries have the ability to effectively shut down the nation’s power grid. Though she didn’t mention cryptocurrencies, she did say she supports outlawing ransom payments and that nobody should be paying ransoms after cyberattacks because “it only encourages the bad guys.”
When the Equifax security breach exposed the personal information of 143 million Americans in 2017, the cyberthieves responsible demanded a payment of 600 bitcoins to delete the stolen information. Worth nearly $3 million at the time, the sum would be worth $21.8 million today.