Ransomware Takes Nasty New Twist
The FBI has asked businesses for urgent help dealing with a new form of ransomware. The attack is designed to compromise an entire network, rather than just a single computer.
Ransomware is a form of malware that damages a computer in a way that's usually reversible - but only by the malware creators. Commonly it involves encrypting files or even an entire hard drive so that they can't be accessed without a key, which is only provided when the victim hands over a fee.
Last month the FBI put out a warning of a form of ransomware dubbed MSIL/Samas.A. It targets a security vulnerability in a web server called "JBoss", which is commonly used by large businesses for web-based applications.
FBI: 'We Need Your Help!'
Originally, the FBI did not describe the issue as a major problem. That's changed however with an updated new bulletin that flat out states "We need your help!"
That change appears to be because the people behind the ransomware have developed a tool that can scan the Internet looking for business networks that are vulnerable to the attack. Once such a network is discovered, the attackers can remotely install the software and begin the blackmail process.
Cisco says the culprits appear to be targeting organizations such as hospitals, where being unable to use computers can be hugely disruptive, increasing the incentive to pay up. Indeed, it appears they are even experimenting with pricing, upping their demanded fee to unlock a single computer by 50 percent, but offering a bulk discount to clear an entire network. (Source: bbc.co.uk)
Whole Network Could Be Out of Action
Being able to infect an entire network makes ransomware attacks much more powerful. Locking up a single machine is an inconvenience, but many firms can work around the issue if they have a good back-up procedure. Locking out the whole network makes it much more likely the disruption will be so severe that management will decide to pay the ransom.
The FBI advisory is confidential, but a copy has been seen by Reuters. It includes a list of warning signs that a network has been compromised, along with a plea for companies to immediately tell the FBI if they suspect such an attack. (Source: reuters.com)
What's Your Opinion?
Are you concerned that ransomware appears to be getting more destructive? Are you relieved that more sophisticated attacks on businesses might mean the attackers lay off on individual consumers? Can a network connected to the Internet ever be truly safe?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 20 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.
Comments
ramsomware
if any of the people who write and distributes ransomware should get a min. sentence of 65 years or more. not only are they stealing your money but in many cases your very livelihood. they rob you, your employer, and each of your respective families.
NO Pity for the low life.
search and destroy
targeting hospitals? zero clemency.
Ransomware Takes Nasty New Twist
Give 'em a fair trial and hang 'em.