FBI asks businesses for help with ransomware investigation

FBI asks businesses for help with ransomware investigation
© Thinkstock

The FBI is asking companies and security experts to help it investigate a new ransomware virus, Reuters reports.

ADVERTISEMENT

“We need your help!” read a confidential advisory dated March 25.

Ransomware is a malicious virus that encrypts data on an internal computer system and allows hackers to demand payment in exchange for a decryption key. Experts say the entire ransomware industry is approaching $1 billion a year.

Friday’s alert asked for assistance in the investigation into a specific virus called MSIL/Samas. The virus seeks to encrypt data on an entire network, not just a single computer.

The agency first warned companies about the virus in February, but merely provided technical details and did not ask for assistance.

Recipients of Friday’s notice were asked to immediately contact the agency if they find evidence they had been attacked or have other information that could help with the investigation. 

"The FBI is distributing these indicators to enable network defense activities and reduce the risk of similar attacks in the future," the advisory said.

The number of ransomware campaigns has grown exponentially in recent years, with cyber criminals extorting hundreds of millions from victims.

Law enforcement is scrambling to keep up as some victims, desperate to regain access, simply pay the price without consulting police.

Last month, Hollywood Presbyterian Medical Center announced that it had paid hackers a ransom in bitcoin — an anonymous digital currency — to regain access to their locked systems.

The FBI has even told victims to pay up — a controversial move for security experts.

“The ransomware is that good,” said Joseph Bonavolonta, assistant special agent in charge of the Cyber and Counterintelligence Program in the FBI’s Boston office, during a cybersecurity conference last fall. “To be honest, we often advise people just to pay the ransom.”

Authorities can only do so much, experts say. Ransomware often goes unreported, bitcoin payments are hard to track and many digital kidnappers are protected by friendly Eastern European governments.

“This is very rapidly expanding into a scourge,” Stu Sjouwerman, CEO for cybersecurity training firm KnowBe4, recently told The Hill.