How do ‘ransomware’ computer hacks work? An FBI special agent explains

WASHINGTON (NewsNation Now) — Hackers are targeting businesses, governments and other public entities with costly “ransomware” attacks that disable their computers until they agree to pay the price.

These attacks are “essentially indiscriminate,” FBI Special Agent Jonathan Holmes said, in that they don’t target a specific business or even a particular industry.

By getting victims to click on links accidentally or otherwise download malware onto their computers, hackers can get a foothold inside their targets’ networks. After gaining control, the hackers can restrict anyone from using computers connected to the network until their demands are met.

While the FBI urges people not to pay ransoms, Holmes said he would understand if a hospital or other vital organization agreed to hackers’ terms.

One major hack of Microsoft recently affected 30,000 of its customers, prompting the Biden administration to launch an emergency task force to investigate. Holmes said he wouldn’t be surprised if those companies and government entities are targeted in future ransomware attacks.

I would not be surprised if some of these companies that were running this vulnerable Microsoft Exchange software, you know, are eventually hit with ransomware.

FBI Special Agent Jonathan Holmes

“They’re looking for any angle to gain access to a victim’s system, and if this is an angle that they feel comfortable taking and they can do, I suspect they’ll do it,” Holmes said.

Who is doing the hacking? Holmes said they are mostly Russian speaking, likely coming from Eastern Europe or Russia.

The hacks are so profitable, Holmes said they’ve seen online chatter from cybercriminals urging others to move from identity theft to ransomware because they’re going to make a lot more money.

“The vast majority of these individuals are financially motivated; their goal is to get as much money from individuals as they can,” Holmes said. “I think the reality is this just isn’t going away because ransomware is so lucrative.”

However, Holmes said the FBI constantly identifies the parties behind the attacks to hold them accountable.

“First and foremost, we try and do what the FBI does best. We try and figure out who they are. We try and arrest them, and we try and put them in jail,” Holmes said.

Additionally, the agency can seize assets or press for other sanctions on anyone suspected of involvement with hacking — especially if they’re outside the U.S. — and “burn down” the digital infrastructure used by hackers through online attacks of their own.

“We also target the ecosystem that allows them to operate, and that includes targeting money laundering exchanges,” Holmes said.

This includes working to disrupt illegal cryptocurrency exchanges, which he said can be used to launder money gained through hacks.

“I recognize that from a public standpoint, you know, we’re not always vocal about everything we do,” Holmes said. “We’re not always advertising that because we’re also playing the long game here.”


© 1998 - 2023 Nexstar Media Inc. | All Rights Reserved.

Trending on NewsNation