FBI: High-Impact Ransomware Attacks Threaten US Businesses and Organizations

The FBI’s Internet Crime Complaint Center (IC3) has released a Public Service Announcement (PSA) regarding the constantly evolving ransomware threat. According to the PSA, ransomware attacks are becoming more targeted, sophisticated, and costly, even as the overall frequency of attacks remains consistent. Since early 2018, the incidence of broad, indiscriminate ransomware campaigns has sharply declined, but the losses from ransomware attacks have increased significantly, according to complaints received by IC3 and FBI case information. In the PSA, the FBI emphasizes that it does not advocate paying a ransom, in part because it does not guarantee an organization will regain access to its data. In some cases, victims who paid a ransom were never provided with decryption keys. It adds that paying ransoms emboldens criminals to target other organizations and provides an alluring and lucrative enterprise to other criminals. However, the FBI acknowledges that it understands that when businesses are faced with an inability to function, executives will evaluate all options to protect their shareholders, employees, and customers. To help prevent organizations from ever having to make such a decision, the announcement includes a list of best practices for defending themselves against ransomware. Read the PSA at FBI IC3.