By Sean Lyngaas, CNN
(CNN) — Leaders of the House Oversight and Reform Committee are questioning the FBI’s handling of a July ransomware attack on a Florida-based IT firm that compromised up to 1,500 businesses.
Reps. Carolyn Maloney, a New York Democrat, and James Comer, a Kentucky Republican, have requested a briefing from FBI Director Christopher Wray after the bureau reportedly withheld a key to decrypt the ransomware for nearly three weeks, potentially costing victims millions of dollars in recovery costs.
“Congress must be fully informed whether the FBI’s strategy and actions are adequately and appropriately addressing” the threat of ransomware to the US economy, Maloney and Comer wrote Wednesday in a letter to Wray that was shared with CNN. The lawmakers said they want to “understand the rationale behind the FBI’s decision to withhold” the key to unlock computers infected by the ransomware.
The FBI has in recent years ramped up resources to address ransomware, with FBI field offices across the country communicating with victim US companies. But a growing chorus of lawmakers wants to know if the bureau is balancing the need to protect victims with the need to disrupt criminal groups based in Eastern Europe and Russia.
Disrupting the hackers
The Washington Post reported last week that the FBI withheld the decryption key as the bureau planned an operation to disrupt the hackers, a Russian-speaking ransomware syndicate known as REvil. That operation never materialized as REvil mysteriously went offline in mid-July, only to reemerge in September.
The Washington Post was first to report on the letter to the FBI.
The July ransomware incident at the IT firm, Kaseya, rippled across the firm’s customer base of small and medium sized businesses as the hackers were able to breach about 50 of Kaseya’s clients and some 800 to 1,5000 customers of those clients.
An FBI spokesperson said the bureau received the letter and referred CNN to Wray’s recent congressional testimony.
In testimony last week in the Senate, Wray…