The Federal Bureau of Investigations (FBI) is warning businesses to be on the lookout for a rise in ransomware attacks. On Friday, the FBI published a letter revealing that the threat posed by ransomware to hospitals, state and local governments, law enforcement, small businesses, and private individuals is growing.
"Ransomware has been around for a few years, but during 2015, law enforcement saw an increase in these types of cyber attacks, particularly against organizations because the payoffs are higher," the letter reads. "And if the first three months of this year are any indication, the number of ransomware incidents--and the ensuing damage they cause--will grow even more in 2016 if individuals and organizations don’t prepare for these attacks in advance."
Along with an increase in the number of ransomware attacks, the FBI has observed a corresponding increase in the sophistication of attack campaigns. Computer criminals traditionally relied solely on spam mail to send out most forms of malware. Now they are turning to more sophisticated means, including spear-phishing (or whaling) emails and exploit kit attacks that don't require user interaction.
The FBI has said in the past that paying the ransom fee is sometimes the only way for victims to recover their encrypted data. But in its letter, the FBI is careful to point out it does not support that course of action given certain negative consequences.
"Paying a ransom doesn’t guarantee an organization that it will get its data back--we’ve seen cases where organizations never got a decryption key after having paid the ransom," explains FBI Cyber Division Assistant Director James Trainor. "Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals."
Acknowledging those repercussions, the FBI urges organizations to develop a business continuity plan they can implement in the event of an attack and to invest in ransomware prevention. For some helpful ransomware prevention tips, please click here.
