The Federal Bureau of Investigation (FBI) has advised the public that ransomware is still a real threat, and advised on its prevention and mitigation.
The malware infects a user’s computer, rendering files inaccessible by encrypting them. The software demands a ransom payment, typically in bitcoins, in order to unlock the files. Infection occurs when the user inadvertently downloads the software from a pop-up, advertisement, email attachment or other untrusted source.
During the past year, ransomware has affected individuals, businesses, schools, government offices and even several police departments. Solutions that can break the encryption have been deployed for some versions, but the problem is ongoing.
Ransom demands have ranged between $200 and $10,000, but the FBI points out that the true cost is higher when lost productivity, legal fees and various IT expenses are accounted for.
Crypto Daily Sponsors Singapore’s 2019 Run for Light EventGo to article >>
The most current and significant ransomware affecting US users is CryptoWall and its variants. Since April 2014, the FBI’s Internet Crime Complaint Center (ic3) received 992 complaints of CryptoWall attack, the victims reporting total losses of $18 million. In many cases, files are too valuable to lose, and the victims have no choice but to pay up.
Interesting is the FBI’s explanation for the hackers’ choice of bitcoin as a method of payment:
“Criminals prefer Bitcoin because it’s easy to use, fast, publicly available, decentralized, and provides a sense of heightened security/anonymity.”
The agency is suggesting that criminals aren’t necessarily immune to apprehension by authorities, which would be the primary benefit for bitcoin in such cases.
Computer users are advised to have updated antivirus software constantly running and employ a firewall. In addition, they should disable pop-ups and never open untrusted emails or attachments. Offline files should also be backed up to another location, so that in the event they are infected, the system can be wiped clean and the files restored.