The FBI, along with two other federal agencies, CISA and MS-ISAC, asked U.S. citizens to report information that helps track the whereabouts of the hackers.
Three federal agencies in the United States — the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency, and the Multi-State Information Sharing and Analysis Center — jointly issued an advisory seeking information to curb ransomware attacks.
Help Sustained Through FBI Offices
As part of the #StopRansomware campaign, the joint cybersecurity advisory alerted citizens of Vice Society, a ransomware-type program that encrypts data and demands ransom for decryption.
The trio anticipate a spike in ransomware attacks, primarily aimed at educational institutions, adding that school districts with limited cybersecurity capabilities and constrained resources are often the most vulnerable.
While proactive measures remain vital to countering ransomware, the FBI has asked US citizens to report information that helps track the whereabouts of the hackers. However, some key information the FBI seeks includes Bitcoin (BTC) wallet information, ransom notes, and IP addresses linked to the attacker.
By using wallet addresses, authorities can backtrack illicit transactions on Bitcoin’s immutable blockchain without worrying about the trail going cold.
Advised Against Ransomware Payment To Threat Actors
While Bitcoin enables frictionless cross-border transactions, most attackers prefer using fiat currencies to fund their illicit activities.
It was also found that only 0.15% of activity on blockchains in 2021 was crime related, which has been going down consistently year over year. Moreover, the three federal agencies strongly discourage Americans from paying the ransom as payments do not guarantee the recovery of victims’ files.
Reportedly, individuals affected by ransomware attacks can report the details by visiting a local FBI office or through official communication channels. The Dutch Public Prosecution Service recently tracked down crypto wallets associated with a ransomware attack on Dutch-based Maastricht University (UM).
In 2019, a ransomware hack froze all assets of UM, such as research data, emails, and library resources. UM later agreed to pay the hacker’s demand of €200,000 in BTC. The firm lost $500,000 in today’s valuation.
