The Federal Bureau of Investigation (FBI) released a warning to U.S. businesses and organizations Wednesday regarding high-impact threats across the country. Numerous cyberattacks have been documented recently involving ransomware. Despite the ever-evolving attack strategies, the FBI highlights three main attack techniques that are being used by criminals to avoid detection and infiltrate businesses and organizations: email phishing campaigns, remote desktop protocol vulnerabilities and software vulnerabilities.
Ransomware attacks have historically been focused on government agencies, schools, and financial firms. Now, ransomware campaigns are targeting health care organizations, industrial companies, and the transportation sector. “Companies of all sizes across all verticals need to be prepared for ransomware and have in place not only technical controls to prevent, detect, and respond to it, but also raise security awareness among staff so that any attempts to install ransomware via phishing or other social engineering attacks can be thwarted,” stated Javvad Malik, security awareness advocate at KnowBe4 in light of the most recent attack that left three Alabama hospitals crippled and unable to accept new patients since October 1st.
Security awareness training, up-to-date software and firmware, and verified regular backups of systems remain the best defense against attacks. If your facility does fall victim to a ransom attack, the FBI stands firm on their statement to NOT pay the ransom. “Paying ransoms emboldens criminals to target other organizations and provides an alluring and lucrative enterprise to other criminals,” says the FBI. There is no guarantee that you will actually get the decryption key once monies are paid, and several malware strains can be beaten with free available decryption tools (several found here). Regardless of whether your pay or not, The FBI strongly urges victims to report the incident to your local authorities.