More weight should be placed on consideration of the victims whose business has been ground to a halt in the aftermath of ransomware attacks, according to Kurtis Minder, CEO and co-founder of security firm GroupSense, which helps ransomware victims negotiate with cybercriminals if they can’t obtain a decryption key otherwise.
“I am not in law enforcement, and I know they have to make this call all the time: whether to take intelligence or information they have tactically to stop one attack or one bad person, or leverage it to pull on the threads… for the greater good,” Minder told The Daily Beast. “We are on the front lines representing victims who are losing their businesses, livelihoods, and more. I would hope that consideration was given to any other possible options to help these victims.”
The FBI could have been more creative in sharing the tool earlier without tipping their hand that they took it from the ransomware gang and were planning a counterattack, says Phil Reiner, who serves as executive director of the Ransomware Task Force, a group that has been coordinating with the FBI on how to takedown the ransomware gangs.
“I understand the conundrum the FBI faced, so it’s hard to armchair quarterback all the considerations that must have been at play,” Reiner, who is also the CEO of the Institute for Security and Technology, told The Daily Beast. “If the FBI operation had worked and they’d successfully hit REvil, but folks had been left to struggle along the way, how different would this conversation be? I hope it’s a learning experience for the FBI, but that remains to be seen. I’d assert there are ways to help organizations in duress and also not blow the operation.”
The FBI declined to comment for this story. The White House did not return multiple requests for comment.