Top homeland security senators raise the alarm on ‘ransomware’

Top officials at the Senate Homeland Security and Governmental Affairs Committee have sounded the alarm on a cybersecurity threat called “ransomware.”

Committee Chairman Ron Johnson (R-Wis.) and ranking member Tom Carper (D-Del.) sent letters to Homeland Security Secretary Jeh Johnson and Attorney General Loretta Lynch on Dec. 3, asking for more information on the federal government’s response to the growing trend used by cyber criminals.

Once a computer is infected, “ransomware” locks users out of their personal files through encryption and urges them to pay a ransom in Bitcoins or other untraceable online currencies.

“Infected users face the difficult choice of paying the ransom or losing their files forever,” the senators said in their letter.


“Only by staying a step ahead of the threat can we ensure the security of our citizens,” the senators said. “While much attention is paid to what must be done to bolster the cyber defenses at federal agencies and large businesses, all of us is vulnerable to online scams and emerging dangers like the malicious computer virus known as ‘ransomware.’”

Hackers have been successful in using these techniques. The Justice Department and FBI found that within one year, hackers infiltrated more than 234,000 computers with “CryptoLocker,” a type of ransomware. Only 1.3 percent of victims paid the ransom, but cyber criminals netted $27 million.

Many cyber intrusions start with spear phishing emails that trick readers into clicking a malicious link, said John Carlin, assistant attorney general for national security.

“Online threats of all types are increasing in frequency, sophistication and scope. And these threats are occurring against a background of increasing worry about the nation’s overall network security,” Carlin said Dec. 3 in a speech at Harvard Law School. “As a nation, we must have a strategy to deter and disrupt this high stakes hacking, to change our adversaries’ calculus by increasing its cost.  Simply being shielded — if not sponsored — by a foreign power will not offer protection. Our strategy must ensure there is no free pass.”

The Justice Department and DHS’ National Cybersecurity and Communications Integration Center brought down a number of CryptoLocker servers in June 2014 with the help of overseas law enforcement partners. The bust allowed officials to develop a decryption tool that unlocked users’ computer files without paying the ransom.

The FBI’s Internet Crime Complaint Center, however, has received a spike in complaints. A copycat virus, “CryptoWall,” infected nearly 1,000 devices between April 2014 and June 2015, with users paying nearly $18 million in ransoms.