FBI releases ransomware alert, annual report on internet crime

The FBI this week released an alert on Mamba ransomware, which uses an open source encryptions software to encrypt and restrict access to a victim’s entire drive, including the operating system. Once encrypted, the system displays a ransom note instructing victims to contact the actor’s email address to pay the ransom in exchange for the decryption key. The alert includes recommended actions to protect systems from the ransomware threat. 

“The good news is that the Mamba ransomware has a flaw allowing victims to retrieve the decryption key without paying the ransom for about two hours until the ransom note is displayed, an opportunity for organizations to recover and restore their systems,” said John Riggi, AHA senior advisor for cybersecurity and risk.

Also this week, the FBI Internet Crime Complaint Center (IC3) reported a record 791,790 internet crime complaints from the American public in 2020, a 69% increase from 2019. Ransomware incidents continued to rise, with 2,474 incidents reported in 2020. 

“The IC3 annual report continues to document a steady increase in voluntarily reported cyber crimes of all types and across all sectors,” Riggi said. “Notably, phishing email and social engineering-based attacks nearly doubled in 2020 to 241,342. The FBI and I agree that the report may undercount the number of ransomware attacks and their impact. For example, it does not account for the fact that one ransomware attack on a single health system could disrupt health care services for multiple hospitals across multiple states, impacting thousands of patients.” 

FBI Deputy Director Paul Abbate, who oversees all FBI domestic and international investigative and intelligence activities, will discuss issues affecting the health care field, including threats to vaccine distribution and ransomware attacks that could disrupt patient care and jeopardize patient safety, during an AHA all-member call April 1. To register for the call, from 3-4:15 p.m. ET, click here. (Please note the registration page is not compatible with Internet Explorer, so please use another browser to register for the event.)

For more information on this topic or other cyber and risk issues, contact Riggi at jriggi@aha.org.