The U.S. Bureau of Investigations (FBI) is reportedly investigating a computer virus called Cryptowall that has infected over 800,000 computers worldwide since February. Nearly one third of computers affected by the malicious virus are in the United States.
According to an ABC News report on Monday, cyber-criminals or hackers employ Cryptowall malware to kidnap victims computer files and essentially hold them hostage. If victims want the computer files back, they must pay a ransom – in bitcoins, the untraceable currency as mysterious to victims as Cryptowall itself. To date, CryptoWall victims have paid more than $1 million to the hackers to regain access to their kidnapped information.
In June, the New York Times reported on Cryptowall, warning that ransom-ware similar to Cryptolocker was quickly spreading. Cryptolocker infected 300,000 computers before the FBI and international law enforcement were able to take it down.
Cryptowall file-encrypting ransomware was first identified in April, 2014. A cyber threat researcher for SophosLabs, Anand Ajjan said both CryptoWall and CryptoDefense have the same code, and the only difference is the name. However, CryptoWall’s encryption can’t be reversed without the key. Previous ransomware attacks used social engineering in spam to trick you into downloading the malware. The more sophisticated CryptoWall can access your computer files just by visiting a website that is rigged up with an exploit kit. Since a public and private key combination is needed to decrypt files, it is impossible to recover affected files but the Windows system restore feature can restore your computer to the last saved restore point before the Cryptowall virus. In Windows Vista and Windows 7, the feature is called ‘Previous Versions.”
The Durham, New Hampshire Police department’s entire computer system was wiped out on June 5, when an officer received what appeared to be a legitimate message from a known contact. The officer clicked a link in the email and unknowingly downloaded the CryptoWall malware.
In June, 2012, the U.S. Department of Homeland Security issued a warning to American businesses about a computer virus dubbed the “Flame,” a sophisticated data-stealing worm responsible for a cyber attack on Iran’s oil industry. Cyber security experts said “the Flame” had the same code as the Stuxnet virus, which was responsible for destroying several centrifuges used for Iran’s nuclear enrichment program in 2010. The “Flame” was active for up to two years before it was identified by security experts.
In addition to continuous breaches of security at U.S. businesses including retailers and banks, repeated cyber attacks on U.S. government and military websites, including the Department of Defense, Department of Justice, FBI and other law enforcement agencies has sparked a sense of urgency by cyber security officials to address threats to U.S. computer networks.
In December, 2012, former National Security Agency (NSA) director, John “Mike” McConnell said United States officials have been repeatedly warned about the threat of potential cyber attacks that could have a tremendous negative impact on the country. In November 2011, then Chairman of the Joint Chiefs of Staff, General Martin Dempsey spoke of constant breaches to U.S. cyber-security at a forum in London. Dempsey said “we’re under constant attack every day.”
Cyber-crime costs U.S. businesses approximately $445 billion a year. Cyber security experts say victims of Cryptowall and similar cyber attacks should report the incident to the FBI and change their password immediately after such an attack. If possible, computer security experts advise that victims install anti-malware or anti-virus software to scan infected computers.