Following the exponential increase of cyber attacks worldwide, which have hit critical infrastructure like hospitals particularly hard in the US, the FBI has issued a warning that hacks and nefarious behaviour online represent an existential threat for organisations.
The statement comes after the recent attack, which we reported on last week, on three Alabama hospitals operated by DCH Health Systems. The hospitals were reportedly hit so severely that they were unable to take in new patients unless they were critically ill.
More to the point, the FBI is concerned that the company operating the hospitals elected to pay the hackers a ransom for the decryption of vital files. While the figure paid to hackers remains undisclosed, the move from DCH officials represents a common thread in the industry: paying hackers for the return of their data.
According to Gizmodo, “ransomware attacks work by encrypting entire file systems, with attackers demanding ransom payments (typically in cryptocurrency) to provide the correct decryption key. In the last few years, targeted ransomware attacks on businesses demanding big payouts have become one of the highest-profile cybersecurity issues in the country.”
In response to the trend, the FBI has issued a statement saying that “ransomware attacks are becoming more targeted, sophisticated, and costly.”
“Although state and local governments have been particularly visible targets for ransomware attacks, ransomware actors have also targeted health care organizations, industrial companies, and the transportation sector.”
“The FBI has observed cybercriminals using the following techniques to infect victims with ransomware: email phishing campaigns, remote desktop protocol vulnerabilities & software vulnerabilities.”
The agency added that “the FBI does not advocate paying a ransom, in part because it does not guarantee an organization will regain access to its data. In some cases, victims who paid a ransom were never provided with decryption keys. In addition, due to flaws in the encryption algorithms of certain malware variants, victims may not be able to recover some or all of their data even with a valid decryption key.”
“Paying ransoms emboldens criminals to target other organizations and provides an alluring and lucrative enterprise to other criminals. However, the FBI understands that when businesses are faced with an inability to function, executives evaluate all options to protect their shareholders, employees and customers.”
“Regardless of whether you or your organization have decided to pay the ransom, the FBI urges you to report ransomware incidents to law enforcement. Doing so provides investigators with the critical information they need to track ransomware attackers, hold them accountable under U.S. law, and prevent future attacks.”