DHS

Ransomware? Don’t Pay It, Says FBI

[Image: Federal Bureau of Investigation seal. FBI ransomware public service announcement, September 15, 2016]

What should companies do when ransomware hits? The FBI says: (a) report it to law enforcement and (b) do not pay the ransom. Given the recent onslaught of ransomware attacks—such as a 2016 variant that compromised an estimated 100,000 computers a day—companies should consider how their incident response plans account for decision-making in response to ransomware, and include this scenario in their next (or an interim) tabletop simulation.

FBI Public Service Announcement

In a September 15 announcement, the FBI urged companies to come forward and report ransomware attacks to law enforcement. The FBI acknowledged that companies may hesitate to contact law enforcement for a variety of reasons: uncertainty as to whether a specific attack warrants law enforcement attention, fear of adverse reputational impact or even embarrassment, or a belief that reporting is unnecessary where a ransom has been paid or data back-ups have restored services.

Notwithstanding these dynamics, the FBI is calling on companies to help in the fight: “Victim reporting provides law enforcement with a greater understanding of the threat, provides justification for ransomware investigations, and contributes relevant information to ongoing ransomware cases.”

The FBI also offered some best practices that companies should consider incorporating into their cybersecurity program and/or their disaster recovery and business continuity plans. These recommendations include: regular, verified backups; securing those backups; implementation of anti-virus and anti-malware solutions; increased employee awareness training; institution of principle-of-least-privilege policies; and more.

Don’t Ignore Ransomware Vulnerabilities; You Could Be Violating FTC Act


Last week, the Federal Trade Commission convened a ransomware workshop to discuss the rising epidemic of attacks against U.S. businesses and individuals. In a ransomware attack, a malicious actor tricks a user into downloading malware that encrypts all of their files, and then demands payment in exchange for the decryption key. In the current climate, ransomware attacks appear to be a question of “when,” not “if,” especially given the Department of Homeland Security’s July report that there have been an average of 4,000 ransomware attacks per day since January 1, 2016.
