This week’s blog begins a several week series on Ransomware adapted from the Internet Crime Complaint Center. The mission of the Internet Crime Complaint Center is to provide the public with a reliable and convenient reporting mechanism to submit information to the Federal Bureau of Investigation concerning suspected Internet-facilitated criminal activity and to develop effective alliances with law enforcement and industry partners. Information is analyzed and disseminated for investigative and intelligence purposes to law enforcement and for public awareness.
In it’s most recent post, the FBI is urging victims of ransomware to report their experiences to federal law enforcement to help the Agency gain a more comprehensive view of the current threat and its impact on U.S. victims.
Ransomware is a type of malware installed on a computer or server that encrypts the files, making them inaccessible until a specified ransom is paid. Ransomware is typically installed when a user clicks on a malicious link, opens a file in an e-mail that installs the malware, or through drive-by downloads (which does not require user-initiation) from a compromised Web site.
Ransomware infections impact individual users and businesses regardless of size or industry by causing service disruptions, financial loss, and in some cases, permanent loss of valuable data. While ransomware infection statistics are often highlighted in the media and by computer security companies, it has been challenging for the FBI to ascertain the true number of ransomware victims as many infections go unreported to law enforcement.
The FBI is urging victims to report ransomware incidents regardless of the outcome. Victim reporting provides law enforcement with a greater understanding of the threat, provides justification for ransomware investigations, and contributes relevant information to ongoing ransomware cases. Knowing more about victims and their experiences with ransomware will help the FBI to determine who is behind the attacks and how they are identifying or targeting victims.
What to Report to Law Enforcement
The FBI is requesting victims reach out to their local FBI office and/or file a complaint with the Internet Crime Complaint Center, at www.IC3.gov, with the following ransomware infection details (as applicable):
1. Date of Infection
2. Ransomware Variant (identified on the ransom page or by the encrypted file extension)
3. Victim Company Information (industry type, business size, etc.)
4. How the Infection Occurred (link in e-mail, browsing the Internet, etc.)
5. Requested Ransom Amount
6. Actor’s Bitcoin Wallet Address (may be listed on the ransom page)
7. Ransom Amount Paid (if any)
8. Overall Losses Associated with a Ransomware Infection (including the ransom amount)
9. Victim Impact Statement
More on the impact of ransomware in upcoming weeks.
For more information on identity theft best practices, please visit www.legalshred.com