The FBI warns that ransomware attacks are on the rise and offers some tips for how to deal with the threat
Ransomware is a virus, usually delivered by email, that locks down a computer system until the victims pay a ransom to the hackers. The FBI bulletin includes a good description of what ransomware threats look like and what happens when an infected file or hyperlink is accessed:
In the ransomware attack the FBI is warning about, victims—upon seeing an e-mail addressed to them—will open it and may click on an attachment that appears legitimate, like an invoice or an electronic fax, but which actually contains the malicious ransomware code. The e-mail might contain a legitimate-looking URL, but when a victim clicks on it, they are directed to a website that infects their computer with malicious software.
Once the infection is present, the malware begins encrypting files and folders on local drives, any attached drives, backup drives, and potentially other computers on the same network that the victim computer is attached to. Users and organizations are generally not aware they have been infected until they can no longer access their data or until they begin to see computer messages advising them of the attack and demands for a ransom payment in exchange for a decryption key. These messages include instructions on how to pay the ransom, usually with bitcoins because of the anonymity this virtual currency provides.
The FBI warns that the frequency of ransomware attacks increased dramatically in 2015, and that they’re on track to “grow even more in 2016, if individuals and organizations don’t prepare for these attacks in advance.”
Unfortunately, defending against ransomware is very difficult, especially since hackers began using “spear-phishing” techniques to spread their malware. Spear-phishing has become the weapon of choice for hackers. Instead of sending the sort of obvious spam emails users have learned to filter out or avoid, spear-phishers obtain personalized information to make their toxic emails look more legitimate, or make them appear to come from trusted sources. It has become all too easy to open a virus-laced attachment file, believing it’s a legitimate document from a friend or colleague.
Ransom attacks are a disturbingly effective cyber-crime, because once a large system is locked down, it may become far more affordable to pay the ransom than to fight the infection. InfoSecurity notes there have been reports in the past of the federal government advising ransomware victims to pay up, but in the new bulletin, FBI Cyber Division Assistant Director James Trainor definitively advised against cooperating with the criminals.
“Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom,” Trainor said. “Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”
The new FBI bulletin appears to have been prompted by a ransomware attack on the Lansing Board of Water and Light in Michigan last week. Security firm Kaspersky Labs reported that the Lansing Board of Water and Light was still recovering from the ransomware attack this week.
The FBI has previously said that ransomware is on pace to become a billion-dollar annual crime. “I am concerned that by hospitals paying these ransoms, we are creating a perverse incentive for hackers to continue these dangerous attacks,” Boxer said in a letter to FBI Director James Comey, as reported by the Washington Times.
More Here [breitbart]