The FBI yesterday issued a new public service announcement regarding the ongoing ransomware epidemic, emphasizing that attacks are becoming more targeted since early 2018, with losses increasingly significantly in that time.
The alert is intended to update and supplement a previous ransomware warning that the FBI issued back in September 2016, and specifically identifies state and local governments, health care providers, industrial companies and the transportation sector as key targets.
The new PSA also lists common infection vectors; namely, email phishing campaigns, Remote Desktop Protocol vulnerabilities and software vulnerabilities.
As in 2016, the FBI recommends that victims avoid paying attackers' ransom demands. "Paying ransoms emboldens criminals to target other organizations and provides an alluring and lucrative enterprise to other criminals," the advisory states, adding that victims are not guaranteed to get their data back intact even if they do pay.
The FBI is encouraging ransomware victims to report incidents to law enforcement, and suggests companies defending themselves by following best practices, including backing up data, emphasizing awareness and training, regularly patching, automatically updating AV and anti-malware solutions, disabling macros scripts and more.