The FBI is asking businesses and software security experts for emergency assistance in its investigation into a pernicious new type of “ransomware” virus used by hackers for extortion.
“We need your help!” the Federal Bureau of Investigation said in a confidential “Flash” advisory that was obtained by Reuters. Ransomware is malicious software that encrypts a victim’s data so they cannot gain access to it on their computers, then offers to unlock the system in exchange for payment.
Friday’s FBI alert was focused on ransomware known as MSIL/Samas.A that the agency said seeks to encrypt data on entire networks, an alarming change because typically, ransomware has sought to encrypt data one computer at a time. The plea asked recipients to immediately contact the FBI’s CYWATCH cyber center if they find evidence that they have been attacked or have other information that might help in its investigation.
It is the latest in a series of FBI advisories and warnings from security researchers about new ransomware tools and techniques. “This is basically becoming a national cyber emergency,” said Ben Johnson, co-founder of Carbon Black, a cyber security firm that on Friday uncovered another type of ransomware that seeks to attack PCs through infected Microsoft Word documents.
The sectors hardest hit by ransomware so far include industries that rely on computer access for performing critical functions, such as healthcare and law enforcement. Publicly reported attacks in which hospitals and police have paid ransoms, then recovered data, has encouraged attackers to further target those groups, cyber security experts said.
The best defense against all of these variants of Ransomware is to have a regular verifiable backup of all data. This allows for quick recovery of files without resorting to paying ransoms to cyber-criminals which sometimes fails to get the encrypted files released.