FBI officials have offered recommendations to victims of ransomware designed to minimize the severity of the problem while improving the agency’s ability to investigate and prosecute the perpetrators.
First and foremost, the agency recommends not paying the ransom and immediately contacting the Bureau or filing a report at http://www.ic3.gov – the federal government’s website for tracking instances of cyber crime nationally. Officials note that any piece of information from transaction data to a Bitcoin wallet address to the hashtag of the malware or email correspondence could potentially aid the investigation.
Agent Will Bales, the supervisory special agent for the FBI’s Cyber Division, said in a recent panel discussion “People have to remember that ransomware does not affect just one person or one business. It will more than likely move on and affect somebody else. And for those who pay the ransom, it only encourages them to extort the next person.”
Federal Trade Commission Chariwoman Edith Ramirez was also a part of that panel and noted how significantly the threat of ransomware has increased in the past year. She cited Justice Department data noting that 4,000 known ransomware attacks have been perpetrated since the start of 2016. An estimated 93% of phishing emails now also contain some form of ransomware.
Describing the scope of the problem Ramirez commented “Ransomware attackers can access extremely sensitive personal information such as medical data, financial account numbers, and the contents of private communications, some of which may be sold on the dark web.”
The chairwoman also noted that responsibility for the attacks lies not only with the perpetrators but also with the companies tasked with storing and protecting sensitive data. The commission has already made more than 60 enforcement actions around companies found to provide inadequate protection of consumer data. Though still under debate, failing to protect against ransomware may be a violation of federal law.
Agent Biles said that the FBI has made progress in combating ransomware attacks by working in conjunction with local law enforcement agencies but offered no further details. Specific information about these victories was promised in the coming months.
Ransomware has become one of the most consistently lucrative forms of cyber attack in recent years. Trend Micro estimates that ransomware attacks cost enterprises $209 million just in the first half of 2016. This figure does not include the amounts paid by individuals, or instance of ransomware that were paid but went unreported.