Senators Want Government Ransomware Update

Two US senators have written to the Department of Homeland Security (DHS) and Attorney General seeking more information on how the government is keeping federal PCs free of ransomware.

Tom Carper and Ron Johnson sent the missives to Jeh Johnson and Loretta Lynch following the rise of variants such as CryptoLocker, CryptoWall and CryptoDefense.

CryptoLocker managed to make its owners $27 million in just two months, while CryptoWall has netted hackers over $18 million, the senators claimed.

They wanted to know how the Department of Justice, DHS, US-CERT and Secret Service share and disseminate threat intel and what the DoJ is doing to combat the increasingly sophisticated botnets driving the ransomware epidemic.

They also asked about whether there was a risk of infection inside the government.

The letter to Lynch had the following:

“Recent news reports suggest ransomware attackers are also targeting public safety and law enforcement agencies. Have federal, state, or local governments sought DOJ or FBI’s help to remove ransomware from their computers? If so, please describe the nature of any assistance sought, whether agencies have paid ransoms to remove ransomware, and whether DOJ or the FBI was able to decrypt the computer systems.”

A letter to Johnson asked the same of the DHS.

Ransomware authors appear to be continually refining and adapting their wares to improve the hit rate.

Most recently, a new version of CryptoWall has been spotted with an improved ability to evade security filters.

In fact, CryptoWall 4.0 is doing the rounds in a new drive-by campaign also featuring infamous data stealing malware Pony and the notorious Angler Exploit Kit.

The servers used in the attacks were mainly located in Ukraine, according to security vendor Heimdal Security.

The firm said that it blocked over 200 domains used to spread CryptoWall 4.0 in just 24 hours last week.

“Not even a month has passed since we announced the advent of CryptoWall 4.0 and its improved communication and capabilities and it’s already being used in campaigns,” it added in a blog post.

“Cyber-criminals have a way of rapidly adopting new strains of malware that prove to be more effective and more productive in terms of return on investment.”

Photo © Picturis90

What’s Hot on Infosecurity Magazine?