FBI Article: Ransomware on the Rise

We noticed that a lot of you really liked the last FBI cyber security article we ran. We’re pleased the Bureau has encouraged us to share their articles on this topic, so we’re happy to do so again. This article deals with a concerning type of cybercrime called ransomware, where a malware restricts access to the infected computer/network and demands that the operators pay some sort of ransom to regain control of their network. We hope this article is helpful to you. Please let us know if you have information or ideas on this topic that our readers may want to hear.

You can find this article, as well as many other articles you may find valuable to keep your business and staff secure against cybercrime, at this web address:

https://www.fbi.gov/news/stories/2015/january/ransomware-on-the-rise/ransomware-on-the-rise↗

For more information about fraud protection tools and product features provided by Bank of Tucson, please visit our website.

Ransomware on the Rise
FBI and Partners Working to Combat This Cyber Threat

Your computer screen freezes with a pop-up message—supposedly from the FBI or another federal agency—saying that because you violated some sort of federal law your computer will remain locked until you pay a fine. Or you get a pop-up message telling you that your personal files have been encrypted and you have to pay to get the key needed decrypt them.

Screen Shot 2015-12-03 at 10.50.23 AMThese scenarios are examples of ransomware scams, which involve a type of malware that infects computers and restricts users’ access to their files or threatens the permanent destruction of their information unless a ransom—anywhere from hundreds to thousands of dollars—is paid.

Ransomware doesn’t just impact home computers.
Businesses, financial institutions, government agencies, academic institutions, and other organizations can and have become infected with it as well, resulting in the loss of sensitive or proprietary information, a disruption to regular operations, financial losses incurred to restore systems and files, and/or potential harm to an organization’s reputation.

Ransomware has been around for several years, but there’s been a definite uptick lately in its use by cyber criminals. And the FBI, along with public and private sector partners, is targeting these offenders and their scams.

Screen Shot 2015-12-03 at 10.47.22 AMWhen ransomware first hit the scene, computers predominately became infected with it when users opened e-mail attachments that contained the malware.
But more recently, we’re seeing an increasing number of incidents involving so-called “drive-by” ransomware, where users can infect their computers simply by clicking on a compromised website, often lured there by a deceptive e-mail or pop-up window.

Another new trend involves the ransom payment method. While some of the earlier ransomware scams involved having victims pay “ransom” with pre-paid cards, victims are now increasingly asked to pay with Bitcoin, a decentralized virtual currency network that attracts criminals because of the anonymity the system offers.

Also a growing problem is ransomware that locks down mobile phones and demands payments to unlock them.

The FBI and our federal, international, and private sector partners have taken proactive steps to neutralize some of the more significant ransomware scams through law enforcement actions against major botnets↗ that facilitated the distribution and operation of ransomware.

For example:

  • Reveton ransomware, delivered by malware known as Citadel, falsely warned victims that their computers had been identified by the FBI or Department of Justice as being associated with child pornography websites or other illegal online activity. In June 2013, Microsoft, the FBI, and our financial partners disrupted a massive criminal botnet built on the Citadel malware, putting the brakes on Reveton’s distribution. FBI statement↗ and additional details.↗
  • Cryptolocker was a highly sophisticated ransomware that used cryptographic key pairs to encrypt the computer files of its victims and demanded ransom for the encryption key. In June 2014, the FBI announced—in conjunction with the Gameover Zeus botnet disruption—that U.S. and foreign law enforcement officials had seized Cryptolocker command and control servers. The investigation into the criminals behind Cryptolocker continues, but the malware is unable to encrypt any additional computers.Additional details.↗

If you think you’ve been a victim of Cryptolocker, visit the Department of Homeland Security’s U.S. Computer Emergency Readiness Team (CERT) CryptoLocker webpage↗ for remediation information.

The FBI—along with its federal, international, and private sector partners—will continue to combat ransomware and other cyber threats. If you believe you’ve been the victim of a ransomware scheme or other cyber fraud activity, please report it to the Bureau’s Internet Crime Complaint Center.↗

screen-shot-2016-09-28-at-7-28-21-pm_____________________________________________________________________________________________________________

 ↗ Linking to Non-Bank of Tucson Websites

This icon appears next to every link that directs to a third party website not affiliated with Bank of Tucson. Please be advised that if you click this link you will be taken to a website hosted by another party, where you will no longer be subject to, or under the protection of, the privacy and security policies of Bank of Tucson. We recommend that you review and evaluate the privacy and security policies of the site that you are entering. Bank of Tucson assumes no liability for the content, information, security, policies or transactions provided by these other sites.

fbtwitterLinkedIngp

Posted on December 3, 2015, in Business Advice, Fraud Protection and tagged , , , , . Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: