A series of ransomware attacks on the House of Representatives have led US Congress to ban members from using Yahoo Mail until further notice, according to a leaked email published by Gizmodo.
The email, which came from the House of Representative’s Technology Service Desk, states that there had been an increase in ransomware attacks sent through Gmail, Yahoo Mail, and other public email services. Ransomware is the latest virus that infects a computer with a family of infestations known called as “ransomware.”
— Graham Cluley (@gcluley) May 12, 2016
“The House Information Security Office is taking a number of steps to address this specific attack,” the Technology Service Desk said in the email. “As part of that effort, we will be blocking access to Yahoo Mail on the House Network until further notice.”
Ransomware locks down a computer’s hard drive, allowing a hacker to seize control of its files. The hacker usually issues a demand e.g. ransom to release control of the files and folders on the hard drive. Ransoms were anywhere from $25 to $600. All funds were to be paid through Bitcoin or MoneyGram services.
Ransomware hit the cyber world around 2013. It affected tens of thousands of computers within days, spreading through established botnets and infecting users through standard phishing links embedded in email attachments and untrustworthy downloads.
Despite system resets, flashing the BIOS, or installing new hard drives altogether, the users still could not gain access to the computer. Many victims paid the ransom and some hackers relinquished control of the computer, which only fueled the criminal enterprise while encouraging victims to pay versus alternatives like buying new computers and later mobile devices.
— ZDNet (@ZDNet) May 10, 2016
Ransomware would lock down mobile devices operated by Google Android and a few iOS ecosystems. A message on the home screen said the phone would be wiped clean unless the ransom was paid. The message is accompanied by a countdown clock. However, cell phone users were relatively unharmed by the attack, as Android and iOS system back up vital information via cloud services.
In a technology-driven society, ransomware is a lucrative virus for criminals. Antivirus and firewall software can protect against ransomware. People should also use caution when navigating the internet. Many ransomware infections are the byproduct of clicking on links inside of emails and visiting suspicious websites.
The ban on Yahoo Mail inside the House of Representatives suggests that employees accessed Yahoo mailboxes from their work computers. The ban did not suggest that hackers tried to hack into the House of Representative computers, but it is a response to indicators that attackers have been using Google’s platform to host a remote access Trojan named BLT since June 2005.
House officials refuse to say if recent ransomware attacks have been successful or what data may have been affected. https://t.co/KXil161v2Q
— The Intercept (@theintercept) May 11, 2016
An unnamed House of Representative employee told Reuters that devices connected to the internet via Wi-Fi or Ethernet cables have been barred from accessing Appspot.com, the domain where Google hosts custom-built apps.
“We began blocking appspot.com on May 3 in response to indicators that appspot.com was potentially still hosting a remote access Trojan named BLT that has been there since June 2015,” Reuters reported.
Former House staffer Ted Henderson called the ban a “bumbling response” on Twitter. Henderson is the creator of Capital Bells, an app that helps users track floor votes taken in real-time, and Cloakroom, a chat app for Capital Hill insiders. Both his apps were affected.
In bumbling response to ransomware attack, HIR has even blocked access Capitol Bells & Cloakroom, impeding important free speech on the Hill
— Ted Henderson (@TedAtCapbells) May 8, 2016
Yahoo Mail and Google are working with the House of Representative’s IT department to find a solution to the problem.
[Photo by Marcio Jose Sanchez/AP Images]