When it comes to investigating cyberattacks, whether they’re perpetrated by terrorists, overseas adversaries or criminals, the Federal Bureau of Investigation (FBI) is the agency tasked with the job.
The FBI also provides the public a way to report internet-facilitated crimes through its Internet Crime Complaint Center (IC3). The IC3 monitors all types of trending scams and, when appropriate, warns the public of emergent threats to watch out for.
In October 2019, they issued a warning about “High-Impact Ransomware Attacks” that are threatening U.S. businesses and organizations. Previously in September of 2016, they had put out a request urging ransomware victims to report attacks.
Their alert stated, “The FBI urges victims to report ransomware incidents to federal law enforcement to help us gain a more comprehensive view of the current threat and its impact on U.S. victims.”
Based on the reporting they’ve received as a follow-up to the earlier reporting request, their new alert is a public service announcement alerting organizations about the ransomware threat they’re facing. It provides details on how ransomware works and their recommendations on what you should do if you’ve become a victim.
RCOR provides our clients world-class managed cybersecurity solutions that address today’s threats, so we make it a priority to keep up to date on all emerging threats and the resulting alerts and PSAs issued by the FBI.
Following are the important details you need to know about this latest FBI warning.
Ransomware Is a Growing Threat
Between the last two quarters of 2018 and the first two quarters of 2019, ransomware attacks increased by 77%. While healthcare is one of the main industries targeted, no business, no matter the size or industry, is safe.
Ransomware attackers count on a victim’s need to get their data back urgently and will ask for a ransom that they think a business can afford to pay quickly. For example, they may demand $15,000 from a large hospital and $3,000 from a small business. Their goal is to get the ransom fast, then move on to the next victim.
According to the FBI’s 2018 Internet Crime Report, U.S. victims of ransomware attacks reported overall losses of $3,631,858 last year. But they warn that the real number could be much higher because it doesn’t account for estimates of lost business, time, wages, files, equipment, or any third-party remediation services acquired by a victim.
What Does the FBI Want You to Know About Ransomware?
Getting back to the October alert about “high impact” ransomware attacks, here is the information that the FBI wants businesses to know about these attacks so they can protect themselves.
What is Ransomware?
While you may be familiar with the term, not everyone is familiar with how it actually works.
Ransomware is a form of malware that is designed to hold your files “hostage.” It encrypts the files on a victim’s computer or server so they are unusable, and the victim is locked out of their data.
The criminal then demands a ransom from the victim, promising to hand over the decryption key once it is paid so the victim can restore their data. They usually request the ransom in an untraceable format, such as bitcoin.
According to IC3 and FBI case information, the losses from ransomware attacks have significantly increased in recent years.
How Do Ransomware Infections Happen?
The techniques that the FBI has seen cybercriminals using to deliver ransomware include:
- Email phishing campaigns where the ransomware is delivered by a malicious attachment or link
- Remote desktop protocol vulnerabilities that give individuals control of the resources and data on a computer
- Software vulnerabilities, which can go unpatched if a company doesn’t regularly apply updates in a timely manner
Should I Pay the Ransom?
Approximately 45% of organizations pay a ransom when they’re faced with a ransomware attack. A few examples of the types of ransom amounts paid include:
- The City of Riviera Beach, FL paid $600,000 in bitcoin
- The City of Lake City, FL paid $460,000 in bitcoin
- Hollywood Presbyterian Medical Center in LA paid $17,000 in bitcoin
What does the FBI say? They say don’t pay!
They note that paying the ransom does not guarantee that the criminal will actually hold up their end of the bargain to decrypt your files. And even if they do provide a key, flaws in the encryption process can still cause you to lose a portion of your data.
Paying the ransom also gives the criminals a reason to continue what they’re doing and seek out other victims.
They recommend that no matter what, you do report the crime to law enforcement so they can take steps to try to track down the attackers.
They close out their alert by reiterating cybersecurity best practices such as:
- Back up data regularly
- Focus on awareness and training
- Ensure updates and patches are applied in a timely manner
- Use antivirus and anti-malware protection
- Disable macro scripts in Office files
- Use appropriate software restriction policies
- Use login authentication best practices
Keep Your Network & Data Safe with RCOR
We offer state-of-the-art cybersecurity protections to ensure you’re protected from all threats, even the most emergent. Ransomware and other malware attacks can be catastrophic for a business. We’ll help you safeguard your data and avoid becoming their next victim.
Schedule a free IT security review today by calling 919-263-5570 or reaching out online.