The U.S. National Cyber Investigative Joint Task Force (NCIJTF) published a new ransomware fact sheet intending to spread public awareness on the ransomware threat landscape. The fact sheet details the critical information on the current ransomware threat scenario and the government’s response to it. Besides, the sheet describes the common infection vectors, tools for attack prevention, and the contacts in the event of a ransomware attack.
The NCIJTF is responsible for coordinating, integrating, and sharing information in support of cyberthreat investigations, supporting intelligence analysis for community decision-makers, and providing value to other ongoing efforts in the fight against cyberthreats to the nation.
NCIJTF estimated that victims paid over $144.35 million in Bitcoin as ransom between 2013 and 2019. While ransomware attacks can impact any business in any sector, the FBI is particularly concerned about attacks on the networks of police and fire departments, state, local, territorial governments, municipalities, hospitals, and other critical infrastructure. “These types of attacks can delay first responders in responding to emergencies or prevent a hospital from accessing lifesaving equipment. It is imperative these organizations be prepared in the face of the ransomware threat,” the FBI said.
Common Ransomware Attack Vectors
Though ransomware operators leverage various attack methods to spread malware, the most common attack vectors include:
- Email Phishing Campaigns
- Exploiting Remote Desktop Protocol (RDP) Flaws
- Misusing Software Vulnerabilities
How to Minimize Ransomware Risks
- Backup your data, system images, and configurations Test your backups and keep the backups offline.
- Enable multi-factor authentication.
- Update and patch systems.
- Make sure your security solutions are up to date.
- Review and exercise your incident response plan.
NCIJTF advised the victims of ransomware attacks to file a complaint with Law Enforcement Authority or report the incident to the Internet Crime Complaint Center (IC3) or the Cybersecurity and Infrastructure Security Agency (CISA).