Thursday, September 15, 2016

FBI Asking for Ransomware Reports

In an FBI Public Service Announcement published today the Bureau is requesting that vicitims of ransomware report what hit them, the rootcause and even what they paid out in ransom.

NOTE: Please be advised that the FBI is not duty bound to protect your information and you should consider the effects to your company should the FBI choose to make that info public.

From the FBI PSA:

What to Report to Law Enforcement

The FBI is requesting victims reach out to their local FBI office and/or file a complaint with the Internet Crime Complaint Center, at, with the following ransomware infection details (as applicable):
  1. Date of Infection
  2. Ransomware Variant (identified on the ransom page or by the encrypted file extension)
  3. Victim Company Information (industry type, business size, etc.)
  4. How the Infection Occurred (link in e-mail, browsing the Internet, etc.)
  5. Requested Ransom Amount
  6. Actor’s Bitcoin Wallet Address (may be listed on the ransom page)
  7. Ransom Amount Paid (if any)
  8. Overall Losses Associated with a Ransomware Infection (including the ransom amount)
  9. Victim Impact Statement

This is a lot of data considering the massive amount of data already available from the Cyber Threat Alliance's study and subsequent analysis report of CryptoWall v3 less than a year ago and their live dashboard.

No comments:

Post a Comment