FBI releases ransomware alert, annual report on internet crime

Mar 26, 2021 - 02:30 PM
Cybersecurity Lock on Gold Wall

The FBI this week released an alert on Mamba ransomware, which uses an open source encryptions software to encrypt and restrict access to a victim’s entire drive, including the operating system. Once encrypted, the system displays a ransom note instructing victims to contact the actor’s email address to pay the ransom in exchange for the decryption key. The alert includes recommended actions to protect systems from the ransomware threat. 

“The good news is that the Mamba ransomware has a flaw allowing victims to retrieve the decryption key without paying the ransom for about two hours until the ransom note is displayed, an opportunity for organizations to recover and restore their systems,” said John Riggi, AHA senior advisor for cybersecurity and risk.

Also this week, the FBI Internet Crime Complaint Center (IC3) reported a record 791,790 internet crime complaints from the American public in 2020, a 69% increase from 2019. Ransomware incidents continued to rise, with 2,474 incidents reported in 2020. 

“The IC3 annual report continues to document a steady increase in voluntarily reported cyber crimes of all types and across all sectors,” Riggi said. “Notably, phishing email and social engineering-based attacks nearly doubled in 2020 to 241,342. The FBI and I agree that the report may undercount the number of ransomware attacks and their impact. For example, it does not account for the fact that one ransomware attack on a single health system could disrupt health care services for multiple hospitals across multiple states, impacting thousands of patients.” 

FBI Deputy Director Paul Abbate, who oversees all FBI domestic and international investigative and intelligence activities, will discuss issues affecting the health care field, including threats to vaccine distribution and ransomware attacks that could disrupt patient care and jeopardize patient safety, during an AHA all-member call April 1. To register for the call, from 3-4:15 p.m. ET, click here. (Please note the registration page is not compatible with Internet Explorer, so please use another browser to register for the event.)

For more information on this topic or other cyber and risk issues, contact Riggi at jriggi@aha.org.
 

Related News Articles

Headline
CISA warns of vulnerability in F5 BIG-IP products
The Cybersecurity and Infrastructure Security Agency Oct. 15 released an emergency directive advising federal agencies to take stock of their F5 BIG-IP…
Headline
AHA blog: 2025 Cybersecurity Year in Review, Part One — Breaches and Defensive Measures
In part one of a new blog, John Riggi, AHA national advisor for cybersecurity and risk, and Scott Gee, AHA deputy national advisor for cybersecurity and risk,…
Perspective
Protecting Patients and Hospitals from Cyberattacks
Public
This week, the FBI issued an urgent warning to all users — including hospitals — of a critical security soft spot within Oracle’s E-Business Suite, stating “…
Headline
HSCC launches toolkit to strengthen essential health care services and prevent cyberattacks
The Health Sector Coordinating Council Oct. 7 released its Sector Mapping and Risk Toolkit, created to help health care providers and other organizations…
AHA Cyber Intel
2025 Cybersecurity Year in Review, Part One: Breaches and Defensive Measures
As of Oct. 3, 2025, 364 hacking incidents had been reported to the U.S. Department of Health and Human Services Office for Civil Rights, affecting over 33…
Headline
Urgent action recommended on critical Oracle vulnerability
The AHA Oct. 6 released a Cybersecurity Advisory urging immediate action against a critical Oracle E-Business Suite vulnerability that is remotely exploitable…