2 min read

US Congress blocks Yahoo Mail after wave of ransomware attacks

Graham CLULEY

May 12, 2016

US Congress blocks Yahoo Mail after wave of ransomware attacks

The United States of Representatives has taken drastic action in the wake of a series of attempted ransomware attacks against its computers. It is completely blocking Yahoo Mail.

Gizmodo managed to get its paws on a copy of an email sent to House of Representatives staff by its IT department at the end of April, warning that an increase in ransomware attacks had been seen, primarily coming through Yahoo Mail.

Part of the email reads as follows:

In the past 48 hours, the House Information Security Office has seen an increase of attacks on the House Network using third party, web-based mail applications such as YahooMail, Gmail, etc. The attacks are focused on putting “ransomware” on users` computers. When a user clicks on the link in the attack e-mail, the malware encrypts all files on that computer, including shared files, making them unusable until a “ransom” is paid. The recent attacks have focused on using .js files attached as zip files to e-mail that appear to come from known senders. The primary focus appears to be through YahooMail at this time.

The House Information Security Office is taking a number of steps to address this specific attack. As part of that effort, we will be blocking access to YahooMail on the House Network until further notice. We are making every effort to put other mitigating protections in place so that we can restore full access as soon as possible.

Gizmodo reports that an unnamed congressional staffer confirmed that at least one of the ransomware attacks had succeeded in infecting a computer, resulting ultimately in the hard drive being wiped.

Shortly before the warning was sent to staff, congressmen and congresswomen, the FBI issued its own public advisory warning consumers and businesses that ransomware was on the rise – and to ensure that precautionary steps were being taken to either reduce the risk of infection or be able to recover should files be encrypted by attackers.

The fact is that ransomware doesn’t discriminate – it extorts money from individuals around the world, and organisations big and small. Although some ransomware contains bugs that can allow files to be safely decrypted without paying a ransomware, it’s sadly a minority.

The answer, as always, is that prevention is better than cure. Be sure to check out my article on the Bitdefender Business Insights blog for my top tips on how to stop your computers being hit by ransomware.

But aside from defending your systems and ensuring that you are reducing the threat by having an organised, secure backup regime we also need ISPs and webmail providers to play their part in identifying and stamping out attacks.

If ransomware attacks are really being spammed out from Yahoo Mail addresses that does rather suggest that Yahoo isn’t doing the best of jobs preventing criminals from exploiting accounts to engage in malicious activities.

tags


Author



Right now

Top posts

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read
The Top Five Security Risks Smartphone Users Face Today

The Top Five Security Risks Smartphone Users Face Today

July 02, 2021

4 min read
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials

July 02, 2021

3 min read
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger

June 30, 2021

2 min read
Mobile security threats: reality or myth?

Mobile security threats: reality or myth?

June 13, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands Fraud Family cybercrime ring under the spotlight as arrests made in the Netherlands
Graham CLULEY

July 23, 2021

3 min read
Homoglyph domains used in BEC scams shut down by Microsoft Homoglyph domains used in BEC scams shut down by Microsoft
Graham CLULEY

July 22, 2021

3 min read
China Sets Up New Worrying Vulnerability Disclosure Rules China Sets Up New Worrying Vulnerability Disclosure Rules
Silviu STAHIE

July 20, 2021

1 min read