DHS: Ransomware attacks widely targeting feds

DHS: Ransomware attacks widely targeting feds

More than two dozen federal agencies have been hit by attempted “ransomware” attacks since last July, the Department of Homeland Security (DHS) said on Wednesday.

In the potentially damaging cyberattack, hackers remotely lock files in an effort to extort ransom payments.


The DHS said 29 agencies have reported 321 incidents of ransomware-related activity since last June. But in no case did the agencies have to pay up, as the ransomware was not able to successfully infect the government's networks.

The new details came in response to a query from Senate Homeland Security Committee leaders — Chairman Ron JohnsonRonald (Ron) Harold JohnsonOvernight Defense: Joint Chiefs warn against sweeping reform to military justice system | Senate panel plans July briefing on war authorization repeal | National Guard may have 'training issues' if not reimbursed Senate panel plans July briefing on war authorization repeal Overnight Defense: Senate panel delays Iraq war powers repeal | Study IDs Fort Hood as least-safe base for female soldiers | Pentagon loosens some COVID-19 restrictions MORE (R-Wis.) and ranking member Tom CarperThomas (Tom) Richard CarperProgressive groups ramp up pressure on Feinstein Senate confirms Radhika Fox to lead EPA's water office Rick Scott threatens to delay national security nominees until Biden visits border MORE (D-Del.) — seeking more data on ransomware, a rapidly growing cyber scheme generating hundreds of million of dollars for crime syndicates while law enforcement and lawmakers scurry to catch up.

Ransomware has been thrust into the spotlight by a recent string of successful attacks at hospitals around the country.

In February, a California hospital paid a $17,000 ransom to free its computers from a hacker's virus.

It’s also widely believed that a ransomware attack hit MedStar Health on Monday. The $5 billion organization operates 10 hospitals and more than 250 outpatient facilities in the Maryland and Washington, D.C., area.

MedStar has confirmed that a virus forced its systems offline, but has not detailed whether hackers are holding any files ransom.

“Hospitals are being attacked in full force now, as the amount of ransom money can be negotiated based on the number of computers that are infected and the damage caused by this downtime,” Stu Sjouwerman, CEO of cybersecurity training firm KnowBe4, said via email.

In a related response to the Homeland Security panel leaders, the Justice Department (DOJ) said its Internet Crime Complaint Center (IC3) had received 7,694 overall ransomware complaints since 2005 that have netted cyber crooks more than $57 million in ransom payments.

But experts — and the DOJ itself — say those numbers likely pale in comparison to the actual presence of ransomware, as it often goes unreported.

Estimates vary wildly, but several specialists suggested the ransomware industry has cleared $500 million annually and will soon approach $1 trillion a year.

Much of this is due to a recent ransomware uptick. A recent Kaspersky Lab study showed that in 2015, twice as many corporate computer networks had been hit by the cyber scheme as in the previous year.

The DOJ acknowledged that “many state and local governments victims” have also reached out to the FBI for help combatting ransomware attacks, although it did not give specific numbers. Reportedly, local police departments have paid ransoms ranging from $300 to $500 to unlock their systems.