If a company gets hacked, the FBI says it will do everything in its power to catch the hackers and regain control of the lost data. That is, unless the victim is hit with a ransomware attack, which takes a user's data hostage until they agree to pay a fee in bitcoin -- often worth thousands of dollars.
“To be honest, we often advise people to just pay the ransom,” Joseph Bonavolonta, assistant special agent at the FBI's Cyber and Counterintelligence Program said, as quoted by the Register Tuesday. “The ransomware is that good.”
Bonavolonta was referring to Cryptolocker, Cryptowall and other advanced forms of ransomware that top U.S. law enforcement is just not able to crack. Victims are often infected via a malicious email attachment that appears to be from a friend and have a limited time window to pay up in bitcoin or have no choice but to kiss that data goodbye forever.
Individuals have been at risk for years, but small businesses are increasingly being targeted for the value of their data and their ability to pay the fee.
Local police departments in Maine and Massachusetts have previously paid ransomware demands after failing to find a means of decrypting their data. Paying up might encourage fraudsters to deploy the scam again, experts have said, but there aren't any other options for a victim who needs to access that data.
“It's still a relatively new form of cybercrime, but it's becoming one of the most popular criminal business models, and that's because it works,” Stu Sjouwerman, founder and CEO of the cybersecurity company KnowBe4, previously told International Business Times. “There's no good way to get rid of it if you're infected.”