FBI Response To Ransomware Is Bad Sign For Everyone

CryptoWall 4.0 is out in the wild. This is the newest version of a piece of malicious code that has stolen data and extorted more than $325 million from its victims worldwide (half of that from the U.S. alone). This latest code release (so-called) even attempts to sweet-talk its victims by welcoming them to their growing community!


And while this strain of ransomware just gets more effective, an FBI agent at the recent Cyber Security Summit 2015 was quoted as saying that if you had no data backup, it was best to pay the ransom to get your files back.

“The ransomware is that good,” said Joseph Bonavolonta, the Assistant Special Agent in Charge of the FBI’s CYBER and Counterintelligence Program in its Boston office. “To be honest, we often advise people just to pay the ransom.”

The guy behind this and other related ransomware strains is on the FBI’s most wanted list of cybercriminals: Russian hacker Evgeniy Bogachev.

Russian national Evgeniy Bogachev is shown in this Federal Bureau of Investigation (FBI) Wanted Poster in this handout provided by the FBI in Washington, D.C. February 24, 2015. The U.S. State Department and the FBI on Tuesday announced a $3 million reward for information leading to the arrest or conviction of Bogachev, the highest bounty U.S. authorities have ever offered in a cyber case. REUTERS/FBI/Handout via Reuters

Is this starting to resemble all those old Wild West movies or what? Bad guy on the loose with every lawman trying to match up guys down at the local saloon with the description on the most wanted poster? In reality, the FBI in all likelihood knows where Bogachev is, but they can’t touch him because they lack jurisdiction and there is no extradition, either. In the meantime, the attacks continue.

My takeaway is this: The police are effectively powerless to stop the cyber shakedown of regular citizens and organizations of all types and sizes, including local police departments.

If you are an executive decision maker at your organization, this new external reality is something you need to factor into your strategic planning. Your organization needs to have a cybersecurity program that will protect you from small incidents (like single computer takeovers by CryptoWall) up to big business email compromises that can wipe out your new product budget (just ask the folks over at Ubiquiti Networks who recently got duped out of $46 million).

Whatever course of action you take, don’t act out of fear! That’s just what cyberbullies like Bogachev want. Instead, try to see this as a great opportunity to make your organization more resilient to all sorts of natural and man-made disruptions. After all, preparing for one type of disruption helps you get ready for all of them. Get a copy of NIST’s latest cybersecurity framework and evaluate yourself against it. Find the gaps and put together a program to close them.

And, if you see Bogachev at happy hour, give the FBI a tip!
