Last week, FBI Assistant Special Agent Joseph Bonavolonta – who is head of the FBI’s CYBER and Counterintelligence Program in Boston – made some startling comments regarding what people (and corporations) should do if they become infected with ransomware.
Ransomware is the common name given to a type of malware that cybercriminals use to remotely take control of computers, smartphones, or tablets in order to get a ransom fee. Hackers achieve this by locking up a victim’s device with encryption until a ransom has been settled. Shockingly, at a conference last week, FBI Agent Bonavolonta suggested that if you suffer the misfortune of being held to ransom with certain (sophisticated) versions of this malware the best course of action may well be to pay the ransom. ‘The ransomware is that good,’ he said.
These startling comments were delivered during last week’s Cyber Security Summit in Boston, where Mr. Bonavolonta addressed a room filled with an assortment of top technology and business experts. During his presentation, the FBI agent explained that unfortunately some of the malware currently in circulation is too well designed for the FBI to be able to actually do anything if you are hit. Despite this, he does recommend that if US citizens or firms become infected they should inform the bureau at once – so that they may continue to monitor the hackers progress.
According to Banavolonta, when the bureau is informed about ransom-hacks involving sophisticated software such as Cryptolocker, Cryptowall or Reveton (all of which lock user data behind a veil of encryption) the cryptography in the software is far too strong for the bureau to be able to crack it. ‘To be honest, we often advise people just to pay the ransom,’ he said.
Nothing you can do
If this is the first time that you are hearing about ransomware, then you may want to be aware that this is nothing new. In reality, hackers have been holding computers ransom for around a decade (although it is true that in the last three years it has become much more prevalent). That is because any hacker that knows how to get the ransomware onto somebody’s computer knows that the economic rewards can be great – and the ease with which it can be spread – often means that hackers stand to make vast sums of money by utilising it.
’The amount of money made by these criminals is enormous, and that’s because the overwhelming majority of institutions just pay the ransom,’ said Bonovalonta at the cybersecurity conference.
The software in question is usually forced onto a computer, or device, via an infected email, download or malicious website. Once there, the malware does not always just lock up the primary target; annoyingly it can also lock up all the other directories that are accessible from the device. This means that for a victim who is in urgent need of regaining control of their system, often there is no option but to pay up the ransom money.
It’s going to cost you
Bonovalonta is not joking when he says ‘enormous’ sums of money either. It is believed that between April 2014 to June 2015 a ransomware called Cryptowall accumulated hackers an irresistible $18 million. Individuals that are affected by the malware are often asked for around $200, whereas businesses can be held to the tune of $10,000, or even more.
Thankfully there is some good news. Firstly, according to Bonavolonta the large amount of people that have been affected by ransomware may actually be keeping the ransom low. Hackers working under the assumption that individuals are more likely to simply pay up if the sum is affordable. Small mercies. The other good news is that the ransom-hackers are more often than not an honest breed of villains – who according to the FBI agent – are pleasant enough (once paid in full) to return access to a compromised device: “You do get your access back,” he commented.
So, if you happen to become infected with malware that asks you for a ransom – don’t expect any help! Simply follow the FBI’s friendly advice, and pay the kind cyber criminal at once! You’ve been told!
(For a more useful course of action, here is an excellent article on how you can protect yourself from possible ransomware infections, and what your options are if you are infected.)