The Federal Bureau of Investigation (FBI) recently issued a PSA asking ransomware victims to support the fight against ransomware through “reporting ransomware incidents regardless of outcome.” Ideally, this will allow law enforcement to better understand the growing number of ransomware threats, initiate ransomware investigations and contribute insight to ongoing ransomware cases. With more information regarding ransomware victims, the PSA explains, the FBI can work with law enforcement to determine who cybercriminals tend to target and who is behind the attacks.
In the first few months of 2016, the number of ransomware cases increased exponentially – one version of ransomware supposedly compromised an estimated 100,000 computers a day. However, it has been a challenge for the FBI to fully understand the scope of the problem as many cases go unreported. The document also provides defensive strategies for individuals and businesses to follow and makes it clear that the FBI recommends never paying a ransom for a variety of reasons. There are no guarantees the victim will ultimately regain their data and doing so would provide the incentive to launch more attacks. To report such information, the FBI asks to contact their local FBI office or file a complaint with the Internet Crime Complaint Cente at www.IC3.gov. The FBI explains the following information can be useful when investigating ransomware cases:
- Date of Infection
- Ransomware Variant
- Victim Company Information
- How the Infection Occurred
- Requested Ransom Amount
- Actor’s Bitcoin Wallet Address
- Ransom Amount Paid
- Overall Losses Associated with a Ransomware Infection Victim Impact Statement