DHS: Ransomware attacks widely targeting feds

More than two dozen federal agencies have been hit by attempted “ransomware” attacks since last July, the Department of Homeland Security (DHS) said on Wednesday.

In the potentially damaging cyberattack, hackers remotely lock files in an effort to extort ransom payments.


The DHS said 29 agencies have reported 321 incidents of ransomware-related activity since last June. But in no case did the agencies have to pay up, as the ransomware was not able to successfully infect the government's networks.

The new details came in response to a query from Senate Homeland Security Committee leaders — Chairman Ron Johnson (R-Wis.) and ranking member Tom Carper (D-Del.) — seeking more data on ransomware, a rapidly growing cyber scheme generating hundreds of millions of dollars for crime syndicates while law enforcement and lawmakers scurry to catch up.

Ransomware has been thrust into the spotlight by a recent string of successful attacks at hospitals around the country.

In February, a California hospital paid a $17,000 ransom to free its computers from a hacker's virus.

It’s also widely believed that a ransomware attack hit MedStar Health on Monday. The $5 billion organization operates 10 hospitals and more than 250 outpatient facilities in the Maryland and Washington, D.C., area.

MedStar has confirmed that a virus forced its systems offline, but has not detailed whether hackers are holding any files ransom.

“Hospitals are being attacked in full force now, as the amount of ransom money can be negotiated based on the number of computers that are infected and the damage caused by this downtime,” Stu Sjouwerman, CEO of cybersecurity training firm KnowBe4, said via email.

In a related response to the Homeland Security panel leaders, the Justice Department (DOJ) said its Internet Crime Complaint Center (IC3) had received 7,694 overall ransomware complaints since 2005 that have netted cyber crooks more than $57 million in ransom payments.

But experts — and the DOJ itself — say those numbers likely pale in comparison to the actual presence of ransomware, as it often goes unreported.

Estimates vary wildly, but several specialists suggested the ransomware industry has cleared $500 million annually and will soon approach $1 trillion a year.

Much of this is due to a recent ransomware uptick. A recent Kaspersky Lab study showed that in 2015, twice as many corporate computer networks had been hit by the cyber scheme as in the previous year.

The DOJ acknowledged that “many state and local governments victims” have also reached out to the FBI for help combatting ransomware attacks, although it did not give specific numbers. Reportedly, local police departments have paid ransoms ranging from $300 to $500 to unlock their systems.