May 6, 2016

Watch Out! Hackers May Be Trying To Hold Your Company Computers Hostage!

FBI issues a warning about increasing ransomware attacks, along with tips for mitigating the risk to you and your company.

The FBI has recently published information to warn businesses and law enforcement of the increasing dangers of business email scams and ransomware. Ransomware is a form of hacker mischief in which a virus, usually delivered by email, locks up files on a computer system until a payment is made to ‘unlock’ the files. The FBI bulletin includes a good description of what ransomware threats look like and what happens when an infected file or hyperlink is accessed. The bulletin also provides recommended steps users can take to mitigate their risk of becoming infected.

In a ransomware attack, unsuspecting victims open an e-mail addressed to them and click on an attachment that appears legitimate, like an invoice or an electronic fax, but which actually contains the malicious ransomware code. Some e-mails contain a legitimate-looking URL, but when a victim clicks on it, they are directed to a website that infects their computer with malicious software.

Once the infection is present, the malware begins encrypting files and folders on local drives, attached drives, backup drives and even other computers on the same network. Users and organizations are generally not aware they have been infected until they can no longer access their data or until they begin to see computer messages demanding a ransom payment in exchange for a decryption key. The frequency of ransomware attacks increased dramatically in 2015, and they’re on track to grow even more in 2016 if individuals and organizations don’t prepare for these attacks in advance.

Defending against ransomware is more difficult than ever since hackers are frequently using “spear-phishing” techniques and even infiltrating legitimate websites with malicious code. Spear-phishers obtain personalized information to make their infected emails look more legitimate, making it all too easy to open a virus-laced attachment file, believing it’s a legitimate document from a friend or colleague. Ransomware hackers have also begun infiltrating legitimate websites with malicious code, making it dangerous to merely visit infected websites.

While no fix is perfect, there are several things you can do to reduce your company’s risk from these increasing cyber threats. Start by raising employee awareness of malware threats and encouraging employees not to open suspicious files or links. Experts also recommend reducing the number of users with high-level administrative access that can enable malware to jeopardize your entire network, making regular data backups, ensuring your backups are stored in a sealed location so they can’t be contaminated, ensuring all system updates and antivirus shields are up to date, and even putting limits on which websites network users are permitted to access.

If you do fall victim to a ransomware attack, FBI Cyber Division Assistant Director James Trainor definitively advised against cooperating with the criminals. “Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom,” Trainor said. “Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals.”

The full FBI statement can be found here.

