As the FBI works to combat a specific type of ransomware virus, it is calling on businesses and software security experts for emergency assistance in its investigation.
Over the weekend, Reuters obtained a confidential “Flash” advisory from the FBI: “We need your help!”
The particular strain of ransomware the FBI is fighting is known as MSIL/Samas.A and is being used by hackers for extortion. The malicious software is designed to encrypt data on entire networks to prevent access and then offer to unlock the affected systems for a specific amount of money.
The agency said this is an alarming change in the typical behavior of ransomware since it impacts more than one computer at a time.
In its plea, the FBI asks any recipients of the message that have been impacted by the ransomware or have any information about it to contact the agency’s CYWATCH cyber center.
“This is basically becoming a national cyber emergency,” Ben Johnson, cofounder of cybersecurity firm Carbon Black, told Reuters.
The FBI’s first report on MSIL/Samas.A came last month without much urgency, but more recently, its investigators discovered that hackers are using the ransomware to target servers running out-of-date versions of a type of business software known as JBOSS, Reuters reported.
Hackers are now using a software tool called JexBoss on vulnerable JBOSS systems to launch their attacks, enabling the ability for ransomware to be remotely installed on computers across the network.
“The FBI is distributing these indicators to enable network defense activities and reduce the risk of similar attacks in the future,” the warning stated.