The use of ransomware is on the rise. Hackers and bad actors ranging
from independent amateurs to sophisticated, organized cartels are using
the latest malware techniques, strong encryption and secure online
payment systems to extort millions of dollars from people and
organizations who just want their data back.
These attacks are hitting organizations in every sector, and the federal government is by no means immune.
Ransomware — a class of malware that locks users out of a system or restricts access to data until a ransom is paid — is not new. But a surge of malicious encryption tools and the high-profit potential have made it a go-to tactic for cyber criminals.
Moreover, unprepared victims who suffer a successful attack have little recourse other than pay up or see their data lost forever.
“It’s really profitable, there’s very little risk, it’s really easy to get the ransom — to make the payoff — and you don’t have to go resell [the data] anywhere,” said Kevin Haley, director of product management for Symantec Security Response. “It’s pure profit, it’s really easy to do, so we’re seeing everybody get involved in the game.”
While no federal agencies have admitted to suffering from a
successful, large-scale ransomware attack, it’s likely only a matter of
time, according to officials.
But feds have been targeted. According to figures from the Department of Homeland Security, there have been 321 incidents since June 2015 in which bad actors attempted to put ransom malware on federal systems, affecting some 29 separate agency networks.
To date, the majority of successful attempts only affected user workstations and not entire network enterprises.
“In all cases, the system was removed from the network and replaced with a new, clean system with minimal impact to the user and agency,” according to a letter from DHS in response to questions from Sen. Tom Carper, D-Del. “The department is not aware of any instances in which federal agencies paid a malicious actor to remove ransomware from a government computer.”
But just because ransomware hasn’t had a significant effect on federal networks “doesn’t mean it won’t,” Phyllis Schneck, deputy undersecretary for cybersecurity and communications at DHS’s National Protection and Programs Directorate (NPPD), told Federal Times. “And it certainly doesn’t mean it isn’t just waiting,” with malware lurking behind the scenes ready to pounce, she added.
The amount of sensitive data agencies hold and the critical nature of many of their missions make the federal government a prime target. And as ransomware becomes more widespread and the business model improves, it’s only a matter of time before an agency is faced with a difficult decision: pay the criminals or lose the data.
These attacks are hitting organizations in every sector, and the federal government is by no means immune.
Ransomware — a class of malware that locks users out of a system or restricts access to data until a ransom is paid — is not new. But a surge of malicious encryption tools and the high-profit potential have made it a go-to tactic for cyber criminals.
Moreover, unprepared victims who suffer a successful attack have little recourse other than pay up or see their data lost forever.
“It’s really profitable, there’s very little risk, it’s really easy to get the ransom — to make the payoff — and you don’t have to go resell [the data] anywhere,” said Kevin Haley, director of product management for Symantec Security Response. “It’s pure profit, it’s really easy to do, so we’re seeing everybody get involved in the game.”
But feds have been targeted. According to figures from the Department of Homeland Security, there have been 321 incidents since June 2015 in which bad actors attempted to put ransom malware on federal systems, affecting some 29 separate agency networks.
To date, the majority of successful attempts only affected user workstations and not entire network enterprises.
“In all cases, the system was removed from the network and replaced with a new, clean system with minimal impact to the user and agency,” according to a letter from DHS in response to questions from Sen. Tom Carper, D-Del. “The department is not aware of any instances in which federal agencies paid a malicious actor to remove ransomware from a government computer.”
But just because ransomware hasn’t had a significant effect on federal networks “doesn’t mean it won’t,” Phyllis Schneck, deputy undersecretary for cybersecurity and communications at DHS’s National Protection and Programs Directorate (NPPD), told Federal Times. “And it certainly doesn’t mean it isn’t just waiting,” with malware lurking behind the scenes ready to pounce, she added.
The amount of sensitive data agencies hold and the critical nature of many of their missions make the federal government a prime target. And as ransomware becomes more widespread and the business model improves, it’s only a matter of time before an agency is faced with a difficult decision: pay the criminals or lose the data.
Комментариев нет:
Отправить комментарий