FBI releases ransomware alert, annual report on internet crime

Mar 26, 2021 - 02:30 PM
FDAcybersecurity

The FBI this week released an alert on Mamba ransomware, which uses an open source encryptions software to encrypt and restrict access to a victim’s entire drive, including the operating system. Once encrypted, the system displays a ransom note instructing victims to contact the actor’s email address to pay the ransom in exchange for the decryption key. The alert includes recommended actions to protect systems from the ransomware threat. 

“The good news is that the Mamba ransomware has a flaw allowing victims to retrieve the decryption key without paying the ransom for about two hours until the ransom note is displayed, an opportunity for organizations to recover and restore their systems,” said John Riggi, AHA senior advisor for cybersecurity and risk.

Also this week, the FBI Internet Crime Complaint Center (IC3) reported a record 791,790 internet crime complaints from the American public in 2020, a 69% increase from 2019. Ransomware incidents continued to rise, with 2,474 incidents reported in 2020. 

“The IC3 annual report continues to document a steady increase in voluntarily reported cyber crimes of all types and across all sectors,” Riggi said. “Notably, phishing email and social engineering-based attacks nearly doubled in 2020 to 241,342. The FBI and I agree that the report may undercount the number of ransomware attacks and their impact. For example, it does not account for the fact that one ransomware attack on a single health system could disrupt health care services for multiple hospitals across multiple states, impacting thousands of patients.” 

FBI Deputy Director Paul Abbate, who oversees all FBI domestic and international investigative and intelligence activities, will discuss issues affecting the health care field, including threats to vaccine distribution and ransomware attacks that could disrupt patient care and jeopardize patient safety, during an AHA all-member call April 1. To register for the call, from 3-4:15 p.m. ET, click here. (Please note the registration page is not compatible with Internet Explorer, so please use another browser to register for the event.)

For more information on this topic or other cyber and risk issues, contact Riggi at jriggi@aha.org.
 

Related News Articles

Headline
CISA, FDA warn of vulnerabilities in Contec patient monitors 
The Cybersecurity and Infrastructure Security Agency and Food and Drug Administration Jan. 30 released notices warning of vulnerabilities found in the Contec…
Headline
Advisory details ransomware attacks on SimpleHelp remote access software
The AHA yesterday released an advisory alerting members that the association and the Health Information Sharing and Analysis Center have identified attempted…
Headline
Reports: Change Healthcare cyberattack exposed data of 190 million people
The ransomware attack last year against UnitedHealth Group subsidiary Change Healthcare exposed data of more than 190 million people — up from previous reports…
Headline
Advisory details how cyber actors deployed vulnerabilities in attack on Ivanti cloud products 
The Cybersecurity and Infrastructure Security Agency and FBI Jan. 22 released an advisory explaining how cyberthreat actors “chained” vulnerabilities —…
Headline
Agencies release guide on selecting and integrating security into operational technology products
A guide published Jan. 13 by the Cybersecurity and Infrastructure Security Agency, National Security Agency, FBI, Environmental Protection Agency,…
Headline
AHA podcast: How to Survive a Cyberattack with Scripps Health — Part Four
In the last of this four-part conversation, four leaders from Scripps Health — Chris Van Gorder, president and CEO, Todd Walbridge, senior director of…