FBI has issued a high impact cyber threat to all businesses and organizations operating in the United States and has urged the company and organizations heads to report ransomware incidents as soon as possible to the federal law to help create a detailed picture of the cyber threat.
In the past few months, ransomware attacks against public and private entities have increased enormously as in 2019 alone over 621 hospitals, 500 schools, and 169 businesses in the whole of the United States were hit by the said malware variant.
Now, the FBI has issued a fresh alert against healthcare organizations, industries, and the transport sector and urged them to be vigilant and stay active in monitoring cyber threats of any scale on their IT Infrastructure.
The law enforcement agency suspects that some state-funded hackers might target multinational entities with attack techniques such as remote desktop protocol attacks, exploiting vulnerabilities in server software and targeting C –level employees with email phishing campaigns.
Mitigation suggestions include keeping the operating systems up to date, keeping the device firmware up to date and then maintaining backups that can be used at the time of disaster to keep the data continuity intact.
FBI’s Public Service announcement specifies not to pay a ransom in case of ransomware attacks as it propels cybercrime further making the threat vector an easy source of income to threat actors.
Citing an example of the City of Bedford located in Massachusetts the law enforcement highlighted and applauded the officials for not paying $5.3 million to hackers and instead employing delaying tactics against the attacker to rebuild the systems.
Regardless of whether a victim pays a ransom or not, the FBI is asking victims to report the incident as soon as possible.
Shortly, only incidents reported to the law enforcement agencies and those who are shared on public platforms might be eligible for a full cyber insurance claim.