Homeland Security's Ransomware Tip: Not Paying Is the Only Current Solution

The DHS issued an alert, but there's not much to do about it.

Ransomware seems to be the trending method of cyber attack in 2016: Apple users have been hit, U.S. agencies have been targeted, and a California hospital last month paid $17,000 in ransom fees after malicious software shut down its computer systems. The style of online attack has become such a problem, in fact, that there’s now an international effort to deliver public guidance on the topic.

The U.S. Department of Homeland Security (DHS), in collaboration with Canadian Cyber Incident Response Centre (CCIRC), issued a statement advising against ever paying the ransomware fees, saying there’s no guarantee the attacker will lift the virus and restore functions.

“The authors of ransomware instill fear and panic into their victims, causing them to click on a link or pay a ransom, and users’ systems can become infected with additional malware,” the DHS alert reads. “Paying the ransom does not guarantee the encrypted files will be released; it only guarantees that the malicious actors receive the victim’s money, and in some cases, their banking information.”

This policy is harder to follow when hospitals are being attacked and patients’ lives are at risk.

Hollywood Presbyterian Medical Center was the victim of a ransomware attack in March, 2016.

Wikipedia Commons

Hollywood Presbyterian Medical Center said it had its electronic systems shut down for a week before it gave in and paid the ransom in the anonymous electronic currency Bitcoin. During the attack, doctors were forced to rely on paper charts and fax machines to communicate with each other and their patients.

“This puts lives at risk, and it is sickening to see such an act,” Phil Lieberman, a cybersecurity expert told The LA Times about the Hollywood hospital attack. “Health management systems are beginning to tighten their security.”

This and other recent attacks have put a spotlight on the inadequate cyber security of hospitals and government agencies, as they attempt to bring systems up to modern protection standards.

This cartoon illustrates how ransomware works. 

Flickr /

DHS cited a 2012 report from the software security company Symantec, which estimated approximately 2.9 percent of attacked users, on average, were paying what ransomware hackers were demanding. With an average ransom fee of $200, the company estimated hackers were profited $33,600 a day or $394,400 per month, according to figures in its study.

DHS and CCIRC predict the financial success of such attacks are what’s leading to its recent proliferation, which is one of the reasons why they’re encouraging victims to stop paying the fees and to instead increase antivirus securities.