Held ransom by malicious spyware? Just pay up, FBI says
It’s not the type of advice one would typically expected from the FBI, but that’s exactly what was recommended by Joseph Bonavolonta, the assistant special agent in charge of the FBI’s CYBER and Counterintelligence Program Boston office.
“The ransomware is that good,” said Bonavolonta at the 2015 Cyber Security Summit in Boston, as quoted by Security Ledger. “To be honest, we often advise people just to pay the ransom.”
Bonavolonta went on to say that ransomware incidents should still be reported to the FBI so that the agency can monitor how the hackers are advancing their schemes, which can trap user data behind encryption. But he said even when the Bureau is notified of ransom hacks – software such as Cryptolocker, Cryptowall and Reveton, for example – the encryption is too tough for officials to crack.
“The easiest thing may be to just pay the ransom,” said Bonavolonta. “The amount of money made by these criminals is enormous and that’s because the overwhelming majority of institutions just pay the ransom.”
The malicious ransomware programs not only encrypt the contents of a victim’s hard drive, but also attack other directories accessible from the infected system, according to Bonavolonta.
Security Ledger reported ransomware is not new and has been around for more than a decade but in the last three years there have been a proliferation of incidents. Attacks can be hidden in email attachments, downloads, compromised websites or web ads (malvertising). That upswing has resulted in an increase of complaints to the FBI. The Bureau said 992 complaints have been submitted regarding Cryptowall between April 2014 and June 2015, resulting in losses of $18 million.
Bonavolonta said that while criminals make “enormous” amounts of money, the fact that so many companies decide to pay the ransom means hackers “are less inclined to wring excess profit out of any single victim, keeping ransoms low.”
Unusually, scammers are“good to their word,”Bonavolonta added, according to Security Ledger.“You do get your access back.”
One such scam happened in September. A US internet security firm discovered smartphone malware that was disguised as a free porn service. It covertly took pictures of users through the front camera and then demanded a ransom from them, threatening the victim with the disclosure of their personal information if they didn’t pay.
The app demanded $500 to release control of the device and reappeared even after rebooting the smartphone.
An Intel Security report published in August stated that the number of ransomware programs targeting primarily personal computers and laptops has increased by 127 percent since 2014.