In case of ransomware attack, Americans are encouraged to pay bitcoin ransom but report everything to the FBI.
Better to pay the ransom than to risk losing your files forever. Such advice is often given by FBI, said Joseph Bonavolonta, the Assistant Special Agent in Charge of the FBI’s CYBER and Counterintelligence Program, during the Cyber Security Summit 2015 that took place last week. According to Bonavolonta, the ransomware programs used to hack sites and encrypt files such as Cryptolocker, Cryptowall or Reveton are too good to be easily defeated by the cyber means at the disposal of FBI.
Bitcoin ransomware attacks became a commonplace in recent years. Users’ computers are attacked by a program that encrypts their files and demands a ransom, usually between $200 and $10,000. In vast majority of cases the ransom has to be paid in virtual currency bitcoin, because, according to FBI, “it's easy to use, fast, publicly available, decentralized, and provides a sense of heightened security/anonymity”. In June 2015, FBI evaluated losses of American victims to bitcoin ransomware attacks at more than $18 million.
CoinFox covered some stories about ransomware attacks perpetrated against social institutions. Police Departments in Illinois and Massachusetts as well as a school district in New Jersey fell victims to extortionists. While the policemen had to pay the ransom to the hackers, the school district computers were saved by a timely intervention of engineers and IT specialists. Among other targets was the Ministry of Justice of the Socialist Republic of Vietnam. In April Kaspersky Lab offered a solution against the popular ransomware virus CoinVault. But words of Bonavolonta suggest that in many cases, the authorities are incapable of protecting users’ data.
The FBI agent also gave other reasons why it is sometimes better to accept hackers' demands. As “overwhelming majority of institutions just pay the ransom”, criminals make big profits and are not inclined to put more pressure on their victims than needed. That is why the in most cases sums demanded are relatively modest and ransomware criminals are good to their word, said Bonavolonta. They really give the encrypted data back once they receive the money.
However, FBI wishes to be informed of any case of ransomware virus infection, said the agent. The intelligence organization needs to oversee the evolution of the scams, hoping that one day it might be better equipped to fight them.
Alexey Tereshchenko