The FBI has requested Americans to disclose information that can be used to find the whereabouts of the hackers. This request was made in conjunction with two other federal agencies, CISA and MS-ISAC.
Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency, and Multi-State Information Sharing and Analysis Center released coordinated advice in an effort to gather data to prevent ransomware attacks.
The joint cybersecurity advice warned people about Vice Society, a ransomware-like malware that encrypts data and requests a fee to decrypt it, as part of the #StopRansomware campaign.
In addition, they note that “School districts with poor cybersecurity capabilities and tight resources are often the most vulnerable.” The trio predicts an increase in ransomware attacks, particularly targeting educational institutions.
The FBI requested US residents to disclose information that helps monitor the whereabouts of the hackers, even though preventative steps are still crucial to combating ransomware. The FBI is particularly interested in IP addresses connected to the perpetrator, ransom notes, and Bitcoin (BTC) wallet information.
Authorities can track down illegal transactions on Bitcoin’s immutable blockchain using wallet addresses without having to worry about the trail going cold.
Even while Bitcoin makes cross-border transactions easy, the majority of attackers prefer to use fiat money to finance their illegal activities. Additionally, it was discovered that in 2021, only 0.15 percent of activity on blockchains was criminal in nature, a figure that has been steadily declining over time.
The three government authorities also sternly warn citizens against paying ransoms because doing so “does not ensure victim files will be restored.” People who have been impacted by ransomware attacks can report the specifics by going to a nearby FBI office or using formal channels of communication.
Recently, the Dutch Public Prosecution Service discovered cryptocurrency wallets linked to a ransomware attack on Maastricht University in the Netherlands (UM).
All of UM’s assets, including research data, emails, and library resources, were frozen in 2019 due to a ransomware hack. Later, UM consented to pay the hacker’s demand of €200,000 in BTC, which is now worth almost €500,000.