This time around, though, Bessette is leading the cyber incident response at consulting firm Booz Allen Hamilton, which he joined in 2019. In his new role, he is actually helping the firm’s customers negotiate with hackers, something he never did at the FBI. In some instances, he is even recommending paying the ransom, which goes against what the FBI and other U.S. government agencies recommend. “The FBI does not support paying a ransom in response to a ransomware attack,” the law enforcement agency writes on its website. “Paying a ransom doesn’t guarantee you or your organization will get any data back. It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.” FBI director, Christopher Wray, testified before Congress earlier this month, reiterating the policy, despite Colonial and others paying the ransom.
Bessette recognizes the irony of one of the best-known government contractors in the world going against the recommendations of the federal agency. “We are the largest provider of cybersecurity to the U.S. government,” he says. “But unfortunately, when companies find themselves in a situation where they’re losing a million dollars a day, a ransom in the low millions of dollars… especially when there’s cyber insurance to help alleviate some of the business impact, becomes a business decision to the victim organizations.”
Source: Major Government Contractor Booz Allen Helps Cyber Victims Pay Ransoms—Exactly The Opposite Of U.S. Policy