US, Canada Warn Against Ransomware, Extortion Attacks

The emergence of ransomware is getting more prevalent since the start of 2016. It has crippled major establishments and caused the government to raise alarms.

These harmful software target any computer and encrypts the user's files and data, restricting access. It then demands a ransom to be paid if the user wishes to decrypt the files and restore access.

Recent attacks of the malware have targeted hospitals across the U.S., causing these medical establishments to shut down their operations and in turn, affect the healthcare system.

Just last month, LA hospital Hollywood Presbyterian gave in to its attackers and paid a ransom of $17,000 to regain access to its systems.

Last week, Methodist Hospital in Kentucky fell victim to the ransomware and had to declare an "internal state of emergency."

The U.S. capital region's largest healthcare provider, MedStar, was not spared and is now shutting down most of its systems to weaken the spread of the ransomware across its systems. Attackers encrypted most of MedStar's data and had demanded a ransom of $18,500.

A recent report, issued March 31, by The United States Department of Homeland Security (DHS), in collaboration with Canadian Cyber Incident Response Center (CCIRC), is calling for vigilance to keep the ransomware from propagating any further.

Ransomware can be obtained from a number of ways: opening unsolicited e-mail with infected attachments; unknowingly downloading the malware by just visiting an infected website (drive-by downloads); and receiving malicious files through social media messaging platforms. Vulnerable websites canbe attacked as well and its network breached by the malware.

Infected systems may not only contain the ransomware but other malware too. In the case of CryptoLocker, malicious files are downloaded once a user opens an unsolicited e-mail. The files contain Upatre, a malware downloader, which installs GameOver Zeus on the system. GameOver Zeus will gather personal, legal and billing information from the user. Upatre then downloads CryptoLocker, which locks down the whole system and prompts the user with a ransom.

This ransomware is effective because it will "instill fear and panic into their victims, causing them to click on a link or pay a ransom, and user's systems can become infected with additional malware." The agency, however, warns that paying the ransom does not guarantee decryption nor removal of the ransomware. They add that "it only guarantees that the malicious actors receive the victim's money, and in some cases, their banking information."

These infections can cause major damages to a user or establishment's operations and recovery may require "services of a reputable date recovery specialist." The report suggests that people be more wary of what they visit, open and download on the Internet as negligence warrants vulnerability. Listed on their announcement is a number of ways people may protect their systems and avoid fatal attacks by ransomware.

Picture: Christiaan Colen | Flickr

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics