Slashdot Mirror

← Back to Stories (view on slashdot.org)

Victims Aren't Reporting Ransomware Attacks, FBI Report Concludes (bleepingcomputer.com)

Posted by msmash on from the what's-happening dept.

Catalin Cimpanu, writing for BleepingComputer: Despite being an expanding threat, ransomware infections are rarely reported to law enforcement agencies, according to conclusions from the 2016 Internet Crime Report (PDF), released yesterday by the FBI's Internet Crime Complaint Center (IC3). During 2016, FBI IC3 officials said they received only 2,673 complaints regarding ransomware incidents, which ranked ransomware as the 22nd most reported cyber-crime in the US, having caused just over $2.4 million in damages (ranked 25th). The numbers are ridiculously small compared to what happens in the real world, where ransomware is one of today's most prevalent cyber-threats, according to multiple reports from cyber-security companies.

3 of 87 comments (clear)

  1. Re:Of course they aren't by Alan+Shutko · · Score: 3, Interesting

    How likely is it that they will catch the people who did it? And if they do, how likely is that to reduce the chances of someone else doing the same thing?

    If someone steals your car, you contact the cops because it's possible you'll get your car back. Even if not, it's sort of possible they'll find the car thief, because the city is only so big. But finding who put ransomware on your computer among billions of people all over the world?

    Again, there's nothing in it for the victim.

  2. Re:Of course they aren't by ShanghaiBill · · Score: 3, Interesting

    Ever consider the possibility that the cybercrime division actually could help

    No. I was actually involved in a criminal case involving the FBI's cybercrime unit, and I would not even consider the possibility that they could figure out how to turn a computer on. I never met a group of more clueless people. The guy leading the investigation had been a history major in college, and had made no effort whatsoever to learn anything about technology. His subordinates were even dumber.

    Disclaimer: I was not the target of the investigation. The FBI contacted me because I had previously won a civil suit against the perp, and knew a lot about his business practices.

  3. $ransom bad publicity ? by moeinvt · · Score: 3, Interesting

    If you file a report, is the FBI under any obligation to keep it confidential? I wouldn't trust them to stay quiet even if that was their official policy. Those guys who leaked the "Orange is the New Black" episodes somehow learned that the studio had called the FBI, after being warned not to, and punished them for doing it, even though they paid the ransom.

    I read one paper by a security expert and he said that big banks in Europe and N. America have been doing this for years. Eat the losses from computer crime as a cost of doing business rather than risk damage to their reputation by reporting that someone had broken into their customer's accounts.

    I'm sure a lot of other companies would rather pay up than endure the bad publicity which would come from word getting out that "Company X was hacked".