“We are experiencing the most significant cyber security threat we’ve ever seen in the United States.” FBI

Ransomware is malware that locks your computer and mobile devices or encrypts your electronic files. When this happens, you can’t get to the data unless you pay a ransom. However this is not guaranteed. The general advice is not to pay the ransom. By sending your money to cybercriminals you’ll only confirm that ransomware works, and there’s no guarantee you’ll get the decryption software key you need in return.

FBI warns of attacks

Federal agencies warned that cybercriminals are unleashing a wave of data-scrambling extortion attempts against the U.S. health care system designed to lock up hospital information systems, which could hurt patient care just as nationwide cases of COVID-19 are spiking.

The FBI and two federal agencies warned that they had “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” The alert said malicious groups are targeting the sector with attacks that produce “data theft and disruption of healthcare services.”

Independent security experts say ransomware has already hobbled at least five U.S. hospitals, and could potentially impact hundreds more.

⚠️ There is an imminent and increased cybercrime threat to U.S. hospitals and healthcare providers.

We released an advisory with the @FBI & @HHSgov about this #ransomware threat that uses #Trickbot and #Ryuk malware. Here is how to mitigate your risk: https://t.co/joBOCx5Usk

— Cybersecurity and Infrastructure Security Agency (@CISAgov) October 29, 2020

Prevention is possible

Following simple cyber security advice can help you to avoid becoming a victim of ransomware.

How to prevent a ransomware attack, according to NoMoreRansom.com:

1. Back-up! Back-up! Back-up! Have a recovery system in place so a ransomware infection can’t destroy your personal data forever. It’s best to create two back-up copies: one to be stored in the cloud (remember to use a service that makes an automatic backup of your files) and one to store physically (portable hard drive, thumb drive, extra laptop, etc.). Disconnect these from your computer when you are done. Your back up copies will also come in handy should you accidentally delete a critical file or experience a hard drive failure.
2. Use robust antivirus software to protect your system from ransomware. Do not switch off the ‘heuristic functions’ as these help the solution to catch samples of ransomware that have not yet been formally detected.
3. Keep all the software on your computer up to date. When your operating system (OS) or applications release a new version, install it. And if the software offers the option of automatic updating, take it.
4. Trust no one. Literally. Any account can be compromised and malicious links can be sent from the accounts of friends on social media, colleagues or an online gaming partner. Never open attachments in emails from someone you don’t know. Cybercriminals often distribute fake email messages that look very much like email notifications from an online store, a bank, the police, a court or a tax collection agency, luring recipients into clicking on a malicious link and releasing the malware into their system.
5. Enable the ‘Show file extensions’ option in the Windows settings on your computer. This will make it much easier to spot potentially malicious files. Stay away from file extensions like ‘.exe’, ‘.vbs’ and ‘.scr’. Scammers can use several extensions to disguise a malicious file as a video, photo, or document.
6. Prevent the infection from spreading. If you discover a rogue or unknown process on your machine, disconnect it immediately from the internet or other network connections (such as home Wi-Fi) — this will prevent the infection from spreading.

There is some good news; sometimes it is possible for infected users to regain access to their encrypted files or locked systems, without having to pay cybercriminals. The site, NoMoreRansom.org, has created a repository of keys and applications that can decrypt data locked by different types of ransomware.

References:

1. https://www.nomoreransom.org/en/prevention-advice.html
2. https://finance.yahoo.com/news/fbi-warns-ransomware-assault-threatens-045020352.html?utm_content=buffereda70&utm_medium=social&utm_source=facebook.com&utm_campaign=yahoofinance&fbclid=iwar3oe_50gpble_5qsdzzfisph9mrzoqntgrbtpwe4ypxcfxbjlsimxeqvqg&guccounter=1&guce_referrer=aHR0cDovL20uZmFjZWJvb2suY29t&guce_referrer_sig=AQAAAJNntoT0-u5WR8b7u270VS8dxLGxdRqAV_CKIjMruMa158Szv2KzHYHYZwfQbkGZkRu2mLDRpWIX4G27oN-LlCeb7PD706F51B87qLrCWoh5sC-EQfnccM4CFMfu8KAtB5-pca-gn8eGCkv3LL5OjsoZjCKF2XKoV12OG5zszKhA