grandeduc - Fotolia

Ransomware costs business at least $18m, says FBI

The FBI says CryptoWall ransoware attacks have cost US business $18m in the past year, not including indirect costs and unreported attacks

The FBI has issued an alert to businesses about cryptographic ransomware – a type of malware that encrypts company data and demands payment for the decryption key.

In the first quarter of 2015, McAfee Labs saw a 165% increase from the previous quarter in new ransomware, driven largely by the hard-to-detect CTB-Locker ransomware family, a new ransomware family called Teslacrypt and the emergence of new versions of CryptoWallTorrentLocker and BandarChor

According to the FBI, the biggest threat continues to be CryptoWall, which has been responsible for 992 ransomware attacks reported to the agency since it appeared in April 2014.

Attackers have used CryptoWall to demand ransoms of between $200 and $10,000 to re-instate the locked data.

Most criminals involved in ransomware schemes demand payment in bitcoins because the digital currency is fast, publicly available, decentralised and provides a sense of heightened security and anonymity.

The FBI said the attacks using CryptoWall had resulted in losses to US businesses of more than $18m – but that does not include losses incurred by unreported attacks.

Those losses also do not include the cost of lost productivity, legal fees, cleaning up after an attack, new countermeasures and the cost of breaching personal information.

Mitigate ransomware attacks

The FBI advises companies to: 

  • Use antivirus and firewall software from "reputable companies" and keep them updated; 
  • Enable pop-up blockers to prevent accidental clicks on malicious webpages that could download malware; 
  • Back up all data.

The FBI also cautions enterprise employees not to click on any emails or attachments they do not recognise, and to avoid “suspicious” websites.

Read more about ransomware

However, many of the CryptoWall infections have been spread through malvertising or malicious advertisements on legitimate websites, requiring no interaction from the victims.

Other CryptoWall infections have been spread using exploit kits that use known Adobe Flash vulnerabilities – underlining the importance of installing security updates as soon as they are issued.

According to the latest McAfee Labs’ report issued by Intel security, Adobe Flash malware samples increased by 317% in the first quarter of 2015. The researchers attributed the spike in exploits to the popularity of Adobe Flash as a technology; user delay in applying available Adobe Flash patches; new methods to exploit product vulnerabilities; a steep increase in the number of mobile devices that can play Adobe Flash files; and the difficulty of detecting some Adobe Flash exploits.

“If you receive a ransomware popup or message on your device alerting you to an infection, immediately disconnect from the internet to avoid any additional infections or data losses,” the FBI alert said.

The alert also encourages businesses to report any ransomware attacks to local authorities.

 

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more on Hackers and cybercrime prevention

Join the conversation

3 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

OK, it's a HUGE problem. I think we all get that. But surely "don't click unknown emails" can't be the best advice available for resolving the problem. How about a databases of offenders? Key words to track? Malware removal tools...?

$18B seems like we're throwing some real money at these pirates. How about if we invest anotehr $18B or so to resolve the problem. That way we can kick them in their bits and cut them off at the knees.
Cancel
I certainly takes a multi-tier approach to address a problem of this proportion, but you can’t underestimate the benefits of training and education. Employees are generally the weakest link in the security chain. However, there are better options than "don't click unknown emails.”
Cancel
It all comes down to training. Look before you open an e-mail, don't just blindly click. Another main problem I see is mobile apps. Does anyone pay attention to what that app is asking for permission to?? No, they just click accept to play their game or whatever not realizing they may have just given total remote access to their mobile device.

Cancel

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close