Cracking Down on Ransomware: Strategies for Disrupting Criminal Hackers and Building Resilience Against Cyber Threats

Meeting Notes: 
This is a hybrid, in person/remote hearing.
Tuesday, November 16, 2021 - 10:00am
2154 Rayburn House Office Building, Washington, DC 20515
“Cracking Down on Ransomware: Strategies for Disrupting Criminal Hackers and Building Resilience Against Cyber Threats”

Chairwoman Carolyn B. Maloney's Opening Statement [PDF]

Washington D.C. (November 12, 2021)—On Tuesday, November 16, 2021, at 10:00 a.m. ET, Rep. Carolyn B. Maloney, the Chairwoman of the Committee on Oversight and Reform, will hold a hearing entitled, “Cracking Down on Ransomware:  Strategies for Disrupting Criminal Hackers and Building Resilience Against Cyber Threats.”


Ransomware attacks are a serious threat to our economy, public health, infrastructure, and national security, and recent incidents show the growing number and sophistication of attacks.  Cyber attacks have at least doubled since 2017, targeting private businesses, state and local governments, hospitals, school districts, critical infrastructure, and emergency services.  Recently, high-profile cyber incidents including the SolarWinds supply chain attack, and the ransomware attacks on the Colonial Pipeline, JBS Foods, and Kaseya have shined a spotlight on this growing national security threat.


Ransomware is now a multi-billion-dollar criminal industry.  In 2020, the estimated cost of ransomware attacks on both public and private institutions in the United States was $19.5 billion.  Additionally, recent data shows that in the first six months of 2021, financial institutions reported $590 million in ransomware-related transactions.  Current trends indicate that ransomware-related transactions in 2021 will be higher than the previous 10 years combined.  On November 8, 2021, the Department of Justice (DOJ) announced charges against two foreign hackers affiliated with the criminal ransomware group REvil, the entity responsible for thousands of ransomware attacks, including on JBS Foods and Kaseya.  The Department also announced that it seized $6.1 million in ransom payments received by the attackers.


The hearing will examine the competing pressures private sector companies—especially those serving critical public functions—and state and local governments face when confronting ransomware attacks, which often lead them to accede to attackers’ demands.


The hearing will also consider the swift steps the Biden Administration has taken to combat ransomware and the ways Congress can ensure the United States implements a whole-of-government response in coordination with the National Cyber Director.


Chris Inglis

National Cyber Director

Executive Office of the President


Brandon Wales

Executive Director

Cybersecurity and Infrastructure Security Agency


Bryan Vorndran

Assistant Director, Cyber Division

Federal Bureau of Investigation

117th Congress