FBI says Ransomware victims usually do not report

448

United States Federal Bureau of Investigation (FBI) has recently released Internet Crime Complaints Center’s annual report which says that ransomware victims fail to report to law enforcement agencies as soon as they fall prey to the malware. Reason-most companies do not want to report to police because as soon as they do, it becomes a public record.

FBI confirmed in its latest crime complaints report that only 2673 victims reported to the law enforcement about ransomware in 2016 and incurred losses of nearly $2.5 million.


Despite ransomware proving as a prevalent cyber threat in 2016, people fail to report such incidents as they fear that such reports when leaked through media will damage their reputations among their customers, clients, partners, and competitors.

For this reason, small and medium businesses have been historically hesitant to share any breach or intrusion data unless compelled by reasons such as insurance claim.

Yahoo stands out as a tall example to SMBs in this issue because data of the web services giant was breached twice by hackers last year.

And as the media started to spread this news like wildfire, the Marissa Mayer-led company had to offer a 360 million discount to its potential buyer Verizon in 2017 to overcome the virtual damage caused by the media.

And do you know how the media got the sniff of the Yahoo cyber attack?

It was Yahoo which reported to the law enforcement about the data breach and on the request of the said law enforcement made this new public through proper channel.

So, does reporting to law enforcement prove fatal to a cyber attacked business?

No, says FBI. It is, in fact, encouraging companies to tell the feds about the attack.

Furthermore, the Bureau is providing a forum to victims for sharing data about attacks, including dates, variants, how the infection sneaked into the network, the demand of the hackers to decrypt the database and the payment details.

FBI says that spreading an awareness of such incidents mitigates the cyber attack risks to a great extent as it helps companies learn what is happening in the cyber space, what to do when such events strike their business.

Thus, all such info helps enterprises to put proactive IT measures in place to combat with all kinds of cyber threats as soon as they take place.