More than three years have passed since the FBI last issued a warning about ransomware. This month, responding to a sharp spike in the cost of such attacks, it put out a fresh alert about ransomware attacks across all sectors.
“Ransomware attacks are becoming more targeted, sophisticated, and costly,” FBI officials warned.
The agency’s alert came shortly after antivirus firm Malwarebytes reported a “shocking” 363 percent year-over-year increase, in the second quarter, in ransomware attacks targeting clients running its business software.
Ransomware is a form of malware that encrypts files on a victim’s computer or server, making them unusable. Cyber criminals demand a ransom in exchange for providing a key to decrypt the victim’s files.
Although state and local governments have been particularly visible targets for ransomware attacks, “ransomware actors” have also targeted health care organizations, manufacturers, and those in the transportation sector, the FBI said.
Among other all-too-familiar approaches, hackers have been using phishing campaigns, in which they send an email containing a malicious link that enables them to spread malware across an organization. They’ve also relied on “brute-force” methods to gain access to a company’s computer systems, using a trial-and-error approach to find logins, and will often try to take advantage of weaknesses in software security programs.
In its alert, the FBI said it does not advocate paying a ransom, in part because doing so does not guarantee an organization will regain access to its data.
In some cases, victims who paid a ransom were never provided with decryption keys. In addition, due to flaws in the encryption algorithms of certain malware variants, victims may not be able to recover some or all of their data even with a valid decryption key.
“Paying ransoms emboldens criminals to target other organizations and provides an alluring and lucrative enterprise to other criminals,” the FBI said.
Whether you pay or not, it’s important to report ransomware attacks to law enforcement. Doing so provides investigators with the critical information they need to track ransomware attackers and prevent future attacks.
Although it noted that even the most robust prevention controls “are no guarantee against exploitation,” the FBI did offer a list of recommendations to help prevent ransomware attacks. It suggested that companies:
There’s more to this list that you can read here.
We’d also suggest reading this: 7 Ways Cyber Insurance Policies Can Help You Respond to a Data Breach
George Whitten is an Insurance Advisor at CCIG. Reach him at George.Whitten@thinkccig.com or at 720-330-7940.
CCIG is a Denver-area insurance, employee benefits and surety brokerage with clients nationwide. We do more than make sure you have the right policy. We help you manage your long-term cost of insurance with our risk and claims management expertise and a commitment to service excellence.