The U.S. Federal Bureau of Investigation (FBI) last week issued a public service announcement encouraging victims of ransomware attacks to report those incidents in order to help the FBI achieve a better understanding of such attacks and their impact on victims.
The FBI defined the attacks:
Ransomware is a type of malware installed on a computer or server that encrypts the files, making them inaccessible until a specified ransom is paid. Ransomware is typically installed when a user clicks on a malicious link, opens a file in an e-mail that installs the malware, or through drive-by downloads (which do not require user-initiation) from a compromised Web site.
Ransomware attacks have gotten more sophisticated and harmful:
Recent variants have targeted and compromised vulnerable business servers (rather than individual users) to identify and target hosts, thereby multiplying the number of potential infected servers and devices on a network. Actors engaging in this targeting strategy are also charging ransoms based on the number of hosts (or servers) infected. Additionally, recent victims who have been infected with these types of ransomware variants have not been provided the decryption keys for all their files after paying the ransom, and some have been extorted for even more money after payment.
The FBI does not support paying the demanded ransoms because there is no guarantee that victims will regain access to their data. However, the agency does recognize that businesses faced with “inoperability issues … will evaluate all options to protect their shareholders, employees, and customers.”
The full announcement is available on the Internet Crime Complaint Center (IC3) website.
The latest data breach count from the Identity Theft Resource Center (ITRC) reports that there have been 687 data breaches recorded this year through September 20, 2016, and that nearly 29 million records have been exposed since the beginning of the year. The total number of reported breaches increased by 30 since ITRC’s last report on September 8.
The number of breaches in 2015 totaled 781, just two shy of the record 783 breaches that ITRC tracked in 2014. The 687 data breaches reported so far for 2016 are nearly 16% above the number reported (594) for the same period last year. A total of more than 169 million records were exposed in 2015.
Here’s a rundown of the latest ITRC report:
- Medical/health care leads all sectors in the number of records compromised to date in 2016. The sector has posted 36.2% (249) of all data breaches to date this year. The number of records exposed in these breaches totaled nearly 13.6 million, or about 47.2% of the total so far in 2016.
- The government/military sector has suffered 49 data breaches so far this year, or 7.1% of the incidents. More than 12 million records have been compromised in the sector to date, representing about 42.6% of the total number of records exposed.
- The business sector accounts for more than 2.5 million exposed records in 299 incidents. That represents 43.5% of the incidents, and 8.7% of the exposed records.
- The number of banking/credit/financial breaches totals 24 for the year to date and involves more than 25,000 records, some 3.5% of the total number of breaches and about 0.1% of the records exposed.
- The educational sector has seen 66 data breaches in 2016. The sector accounts for 9.6% of all breaches for the year and more than 400,000 exposed records, about 1.4% of the total so far this year.
Since beginning to track data breaches in 2005, ITRC had counted 6,497 breaches through September 20, 2016, involving more than 880 million records.