May 2, 2016 by

FBI’s Advice to Ransomware Victims: Don’t Pay

In a new post warning about the relentless waves of ransomware attacks targeting businesses and individuals, the Federal Bureau of Investigation (FBI) has advised victims not to pay ransomware attackers.

The FBI has urged organizations to not give in to temptation and pay their extortionists in a bid to recover their data. Instead, the Bureau urged companies and organizations to stay vigilant while operating browsers and operating systems.

A common suggestion by the Bureau is that companies back up frequently. The Bureau also advises companies lock down access granted to individuals as well as urging admins to effectively manage configuration of directories, file systems and network shares.

Also, the FBI does not want companies paying a ransom in response to a ransomware attack.

FBI Cyber Division Assistant Director James Trainor stated:

Paying a ransom doesn’t guarantee an organization that it will get its data back – we’ve seen cases where organizations never got a decryption key after having paid the ransom.

He opined that a ransom paid only serves to embolden cybercriminals to target more organizations. Additionally, the chance of a lucrative payday even encourages cybercriminals to get involved in such illegal activities.

The FBI recommends two main areas of focus for organizations to steer clear of suchthreats. They are:

  • Prevention efforts – both in terms of awareness training for employees and robust technical prevention controls; and
  • The creation of a solid business continuity plan to ensure that operations continue without a hitch, in the event of a ransomware attack.

Trainor added:

There is no one method or tool that will completely protect you or your organization from a ransomware attack. But, contingency and remediation planning is crucial to business recovery and continuity – and these plans should be tested regularly.

Although ransomware attacks have been around for a few years, 2015 saw a marked increase in such cyberattacks. The increase was notable in organizations chosen as targets since the payoffs are higher than those obtained from everyday individuals. Ransomware attacks in 2016 aren’t showing any signs of stopping either, with malware authors and attackers employing new and sophisticated means to strike at their targets.

Image credit: Wikimedia.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

26% of Ransomware Attacks Target Corporate Businesses

New research from Kaspersky Lab has revealed that the number of ransomware attacks targeting...

Read more arrow_forward

Ransomware Payments to Hit a Record $2 Billion in 2017: Research

According to new research from a cybersecurity firm, ransomware payments will hit a high of $2...

Read more arrow_forward

UK Govt Blames North Korea for WannaCry Ransomware CyberAttack

  The UK government has blamed North Korea for WannaCry - the comprehensive ransomware...

Read more arrow_forward