Hearing Examined Peters’ Report and the Need to Implement His Law Requiring Critical Infrastructure to Report Ransomware Attacks
WASHINGTON, D.C. – U.S. Senator Gary Peters (D-MI), Chairman of the Homeland Security and Governmental Affairs Committee, convened a hearing to examine how cryptocurrencies have facilitated the rapid rise of ransomware attacks, the need for comprehensive data to deter these attacks, and how network breaches continue to disrupt our lives and livelihoods. The Committee discussed Peters’ recently released investigative report into the role cryptocurrencies continue to play in emboldening and incentivizing cybercriminals to commit ransomware attacks that pose an increasing national and economic security threat. The report – which found that the government lacks sufficient data and information on ransomware attacks and their use of cryptocurrency – showed the importance of quickly implementing Peters’ landmark law to require critical infrastructure owners and operators to report cyber-attacks and ransomware payments to the Cybersecurity and Infrastructure Security Agency (CISA).
“A single ransomware attack can force businesses to close their doors permanently, even if they pay the ransom demand,” said Peters during his opening statement. “Malign actors almost exclusively demand cryptocurrencies when extorting large sums of money, because they can take steps to obscure their transactions and circumvent regulatory scrutiny, making payments more difficult to trace.”
Peters continued: “My investigation found that the federal government lacks sufficient data and information on ransomware attacks and the use of cryptocurrency as ransom payment in these attacks – and must collect better data to understand the scope of the threat. The cyber incident reporting law that Ranking Member Portman and I authored and passed earlier this year marks a significant first step to getting the information the government needs to combat this growing threat.”
To watch video of Senator Peters’ opening remarks, click here. For text of Peters’ opening remarks, as prepared, click here.
To watch video of Senator Peters’ questions, click here.
The hearing discussed the findings and recommendations of Peters’ recent investigative report and the importance of providing the federal government with comprehensive data on ransomware attacks, and the use of cryptocurrencies as ransom payments in these attacks. The witnesses also raised concerns about shortfalls in federal enforcement of anti-money laundering regulations with respect to illicit cryptocurrency transactions. Lawmakers also heard about how the unique features of cryptocurrencies can allow criminal hackers to convert ransom payments into other currencies.
During the hearing, Peters highlighted how the vast majority of global ransomware revenue in 2021 went to groups that are located in Russia or are controlled by the Russian government. As our nation continues to support Ukraine against an illegal Russian invasion, Peters warned that the federal government must bolster its efforts to fight back against Russian-backed criminal hackers.
In addition to his recently released report and cyber incident reporting law, Peters has led efforts to strengthen cybersecurity protections across the board. His bipartisan bill to enhance cybersecurity assistance to K-12 educational institutions across the country was signed into law. Additionally, Senator Peters secured several provisions in the bipartisan infrastructure law to bolster cybersecurity – including $100 million fund to help victims of a serious attack recover quickly. Peters has also authored and passed significant reforms out of the Senate to require civilian federal agencies to report to CISA if they experience a cyber-attack and ensure federal agencies can quickly and securely adopt cloud-based technologies that improve government operations and efficiency.