FBI Puts out Ransomware Alert Seeking Help from Companies, Researchers

FBI

The FBI has put out an alert seeking help from businesses and security experts for emergency assistance in a ransomware investigation. The ransomware virus is a new strain called MSIL/Samas.A.

The alert was obtained by Reuters who revealed that the FBI stated in a confidential “Flash” advisory: “We need your help!”. The alert was issued on Friday, March 25 and focused on a new strain of ransomware called MSIL/Samas.A.

The FBI first reported on the ransomware back in Feb 18 that did not seek help the way the latest alert did. The strain of ransomware was particularly targeting out-of-date versions of a certain type of business software called JBOSS.

The alert stated that the newly discovered ransomware sought to encrypt data on entire networks. This is a staggeringly gloomy prospect, since ransomware normally targets individual computers, rather than entire networks of them.

The alert came with a plea, asking recipients who were businesses and software security experts for “emergency assistance” in an investigation by the FBI into the new malware.

The plea sought recipients to immediately reach out to the FBI’s CYWATCH cyber center division if they discovered any evidence of an attack involving the ransomware. The same applies for any information or knowledge about the ransomware scavenged by security researchers.

The latest report revealed that FBI investigators determined that the malicious hackers deploying the ransomware and initially making use of JexBoss, a software tool used to automatically discover any vulnerable JBOSS-running networks. Once determined, a ransomware attack is launched, allowing the hackers to remotely install ransomware onto the computers.

The FBI also included a list of technical indicators to aid companies in determining if they were victims of such an attack. The advisory further stated:

The FBI is distributing these indicators to enable network defense activities and reduce the risk of similar attacks in the future.

Companies and businesses that rely on computers for critical functions are those hit hardest by ransomware, because cybercriminals know the importance of computers in the day-to-day business activities of such businesses. For instance, hospitals and police have notably paid ransoms in recent times in order to recover data that is essential for their professions.

Image credit: Wikimedia.