Key Takeaways
- •Witnesses and members highlighted that cyber-enabled fraud losses surpassed $20 billion in 2025, prompting calls to designate ransomware actors as terrorists and pursue homicide charges for hospital-related deaths.
- •Cynthia Kaiser (Senior Vice President, Halcyon Ransomware Research Center) testified that ransomware attacks on hospitals doubled in 2025, while Josh Bercu (Senior Vice President, USTelecom) detailed the rise of industrial-scale scam compounds.
- •Rep. Michael Guest (R, MS-3) pressed Kaiser on whether the Department of Justice currently possesses the authority to charge cybercriminals with felony murder when ransomware attacks result in documented patient fatalities.
- •Rep. James Walkinshaw (D, VA-11) and other Democrats criticized the administration for cutting one-third of the CISA workforce, while Republicans focused on the role of Mexican cartels and Chinese money laundering.
- •Congress must now consider codifying the March 2026 executive order, reauthorizing state cybersecurity grants, and establishing a "digital assets hold law" to allow exchanges to freeze illicit cryptocurrency funds.
Read the full transcript
Starting at $350/mo
- Full hearing transcripts
- Speaker timestamps with video verification
- Organization & competitor mentions
- Same-day delivery
- Personalized summaries
30-day money-back guarantee on all paid plans.
Hearing Analysis
Overview
This joint subcommittee hearing examined the escalating threat posed by transnational criminal organizations (TCOs) that leverage digital technologies—including cryptocurrency, artificial intelligence (AI), and sophisticated telecommunications infrastructure—to conduct large-scale fraud and extortion. The discussion focused on the "industrialization" of cybercrime, where organized syndicates from Southeast Asia to Mexico target American citizens and critical infrastructure, resulting in over $20 billion in reported losses in 2025. Members and witnesses explored the intersection of cyber-enabled financial crime with national security, highlighting the role of hostile nation-states and the urgent need for enhanced public-private coordination and federal resourcing.
Key Testimony & Policy
Witnesses detailed a shift from opportunistic hacking to highly organized, "fraud-as-a-service" operations. Cynthia Kaiser, Senior Vice President at Halcyon, highlighted the devastating impact of ransomware on the healthcare sector, noting that attacks on hospitals nearly doubled in 2025. She specifically cited the February 2026 attack on the University of Mississippi Medical Center (UMMC), which crippled the state's only Level 1 trauma center for nine days. Kaiser proposed that the Department of Justice (DOJ) evaluate homicide or felony murder charges when ransomware attacks result in patient deaths and suggested that the Department of State and Department of the Treasury consider designating certain ransomware groups as foreign terrorist organizations (FTOs) to unlock more aggressive enforcement authorities.
Ari Redbord, Global Head of Policy at TRM Labs, testified on the massive scale of illicit cryptocurrency flows, which reached $158 billion in 2025. He emphasized the role of Chinese underground banking networks in laundering proceeds for both Mexican cartels and Southeast Asian "pig butchering" compounds. Redbord advocated for a "digital assets hold law" to allow exchanges to freeze illicit funds more effectively and promoted the Beacon Network, a public-private partnership that connects law enforcement with crypto exchanges to interdict stolen funds in real time.
Josh Bercu of USTelecom and the Industry Traceback Group focused on the evolution of telecom fraud. He described the use of "SIM boxes"—devices that allow foreign scammers to generate thousands of calls that appear to originate from domestic U.S. numbers. Megan Stifel, Chief Strategy Officer at the Institute for Security and Technology, warned that recent budget cuts and personnel losses at the Cybersecurity and Infrastructure Security Agency (CISA) have undermined critical programs. She urged Congress to authorize the Joint Cyber Defense Collaborative (JCDC) and provide permanent extensions for the Cybersecurity Information Sharing Act of 2015 and the State and Local Cybersecurity Improvement Act of 2021.
Notable Exchanges & Partisan Dynamics
The hearing featured a sharp divide regarding the current administration's management of federal cybersecurity resources. Rep. James Walkinshaw (D, VA-11) and Rep. Julie Johnson (D, TX-32) criticized the Trump administration for "decimating" the CISA workforce, noting that a third of the agency’s staff had been cut or driven out. Rep. Walkinshaw highlighted the loss of the "Pre-Ransomware Notification Initiative," a program he claimed had prevented $9 billion in damages by notifying potential victims before attacks occurred. Conversely, Republicans, including Rep. Michael Guest (R, MS-3) and Rep. Andrew Ogles (R, TN-5), praised President Trump’s March 2026 Executive Order on combating cybercrime as a decisive step toward a more offensive national posture.
A technical exchange occurred between Rep. Al Green (D, TX-9) and Mr. Redbord regarding the "pseudonymity" of cryptocurrency. Rep. Green expressed concern that the peer-to-peer nature of crypto allows criminals to evade taxes and law enforcement. Mr. Redbord countered that the transparency of public blockchains actually provides law enforcement with better investigative tools than the traditional financial system, provided they have the right analytics software. Additionally, Rep. Seth Magaziner (D, RI-2) questioned why social media companies continue to host accounts created via fraudulent SIM box numbers, calling for more accountability from tech platforms.
Organizations Mentioned
* **Cybersecurity and Infrastructure Security Agency (CISA):** Discussed extensively regarding significant workforce cuts and the shuttering of its Pre-Ransomware Notification Initiative. * **Federal Bureau of Investigation (FBI):** Cited for its 2025 Internet Crime Report and its "Level Up" program, which involves direct outreach to potential scam victims. * **TRM Labs:** Represented by witness Ari Redbord; the company provides blockchain intelligence and operates the Beacon Network for public-private interdiction. * **University of Mississippi Medical Center (UMMC):** Used as a primary case study for the life-threatening consequences of ransomware attacks on critical healthcare infrastructure. * **Industry Traceback Group (Traceback Group):** Designated by the FCC to trace illegal robocalls; the group was praised for reducing the time to identify scammers from months to hours. * **U.S. Department of State:** Mentioned regarding its leadership in the International Counter Ransomware Initiative (CRI) and the need for diplomatic pressure on "safe haven" countries. * **Halcyon:** A cybersecurity firm focused on ransomware research; witness Cynthia Kaiser detailed their work on quantifying the human cost of cyberattacks. * **NVIDIA:** Mentioned by Rep. Magaziner in the context of criticizing the administration for allowing the sale of advanced AI chips to China.
What's Next
The subcommittees indicated they would use the testimony to inform future legislation, specifically regarding the reauthorization of the State and Local Cybersecurity Grant Program and the potential codification of the JCDC. Witnesses were asked to provide formal written recommendations for "top five" legislative actions. There is an expected focus on the implementation of the March 2026 Executive Order, with members calling for a more robust interagency "strike force" approach to dismantle Southeast Asian scam compounds and Mexican cartel digital networks.
Transcript
The Committee on Homeland Security Subcommittee on Border Security and Enforcement will come to order. Without objection, the chair may declare the committee in recess at any point. The purpose of today's hearing is to examine how transnational criminal organizations are increasingly exploiting digital technologies, including cryptocurrency, online platforms, artificial intelligence, and global financial networks to conduct fraud, launder illicit proceeds, and target American citizens, businesses, and critical infrastructure. I would like to thank our colleagues from the Cybersecurity and Infrastructure Protection Subcommittee for partnering with us for this joint hearing. I would like to now recognize myself for a brief opening statement. Good morning and welcome to the Border Security and Enforcement and Cybersecurity and Infrastructure Protection joint subcommittee hearing examining how transnational criminal networks are increasingly targeting Americans in the digital world to expand their illicit activities and increase their profits through scams, fraud, and extortion. As technology has evolved and web-based services have crossed traditional borders, cyber-enabled financial crime has risen sharply. Transnational criminal networks from Mexican drug trafficking organizations to Southeast Asia scam operations are targeting Americans with an expanding arsenal of digital tools available in the public sphere. We must build and maintain a strong defense against cyber-enabled criminals. Most Americans have encountered some sort of scam enabled by technology. These scams often target our aging and elderly families and constituents, seeking to drain their life savings and retirement plans using emotional manipulative tactics. In 2025 alone, scammers stole more than $20 billion from Americans. Criminal networks use the digital domain to promote their illicit activities. The challenging nature of tracing cryptocurrency provides a landscape where Mexican drug cartels and other criminal organizations can launder their money by converting profits from illegal activity into digital currency, which can be accessed across the world in a matter of seconds. Through this digital marketplace, the Mexican cartels are utilizing Chinese money laundering networks as a piece of their business models. President Trump issued an executive order designating certain cartels and transnational criminal organizations as foreign terrorist organizations, or FTOs. This designation has created opportunities to use new authorities to combat drug cartels and organized criminal organizations. Cyber-enabled crime not only victimizes Americans, but also raises concern for national security interests. Just last week in his testimony before the House Appropriations Committee, Todd Lyons, the acting director of ICE and Customs Enforcement, spoke about a major Homeland Security investigation involving Chinese Communist Party actors committing gift card fraud and sending proceeds back to military units in China. Digital extortion, which is another form of cybercrime, has serious national security implications. These ransomware attacks often involve foreign actors targeting sensitive industries, such as education, government, and healthcare databases, holding data or systems hostage and demanding payment for its release. My home state of Mississippi just recently experienced a major ransomware attack, and I know that many of my colleagues' districts have experienced attacks as well. The severity and increasing frequency of these attacks is deeply concerning. Our critical infrastructure, our data, and our constituents must be protected. Congress must step up to secure our virtual border. President Trump's recent executive order identifying cyber-enabled crime as a priority and pushing an offensive approach on combating cybercrime is a positive step, but it must be built upon. Given the role of industry, public-private partnerships are critical to facing these threats head-on. It is important that Congress examine how transnational criminal organizations are exploiting digital technology and targeting Americans. Today we have with us experts who will share their insight on this growing issue and provide a valuable discussion on how Congress can work together to combat financial crime. I would now like to recognize the ranking member, the gentleman from California, Mr. Correa, for his opening statement.
Read the full transcript
Starting at $350/mo
- Full hearing transcripts
- Speaker timestamps with video verification
- Organization & competitor mentions
- Same-day delivery
- Personalized summaries
30-day money-back guarantee on all paid plans.
Not ready to subscribe?
Get a free daily digest with hearing summaries ranked by relevance.
Already have an account? Log in
