According to Reuters, the FBI is now working with several firms in the United States to try to find a particularly nasty strain of ransomware which could be circulating through many corporations and businesses within the country. According to the report, the FBI has been analyzing a specific strain of the ransomware referred to as MSIL/Samas which not only is able to attack specific single computers but has the capability of encrypting whole groups of data across the entire network.
Ransomware is a malware program that encrypts the files on infected machines. Once this occurs, hackers negotiate with the company that has been infected to provide software that will un-encrypt the data as long as a heavy price, or ransom, is paid to do so. This strategy became particularly popular among Russian hackers, but has found its way into countries all over the world.
The memo that was sent out by the FBI to U.S. Firms asked for assistance in helping to discover who was behind this most recent strain. According to the report a security program, referred to as Jexboss, is used to scan networks and find issues where they may be vulnerable to this kind of attack. When the malware program finds a system that is vulnerable, it then activates the virus so that the data on the servers is scrambled in such a way that it cannot be used. What makes this virus particularly nasty is that it is able to find and delete all the backup files that a firm may have, not allowing for restored data to be used.
One of the industries that the FBI is most concerned with is the healthcare field. Because of the confidentiality of patient records and the need to have data immediately to be able to provide proper patient care, malware such as this can be costly in terms of dollars and also in terms of lives. Early versions of malware used against healthcare facilities garnered as much as 1.5 million in bitcoins to be able to regain the data.
A recent ransomware program that was released, Petya, was able to attack the Windows operating system. This malware denied the computer its ability to start up, as hackers demanded heavy payments if the users wanted to be able to retrieve access to their computer. The data security company Trend Micro explained that the email this virus was sent in usually came from people claiming to be looking for work.
- Prada seeks younger customers in bid for growth
- Lotte vice chairman Lee In-won found dead
- German business confidence falls post-Brexit, says Ifo
- Tesla touts speed and driving range with new upgraded battery
- Stocks creep up amid Fed limbo, dollar dips leftright 22leftright 12leftright
- China Crinkles Aluminum Foil Makers
- Cisco to lay off about 14,000 employees: tech news site CRN leftright 22leftright
- UK to avoid recession and world economy to ‘stabilise’ as Brexit shock passes - but US poses biggest risk to global growth
- Fuel prices push up UK inflation rate to 0.6%
- Humidity 47%
- Winds 0 kph