An inside look at how ransomware groups go stealth | SC Media

The FBI’s Cyber Division and Major Crimes Unit faces challenges with ransomware investigations because of a range of tools and techniques that make it hard to track an attacker’s IT infrastructure. (FBI)

Most organizations know the basic blocking and tackling needed to protect themselves from ransomware: regularly back up data offsite, have a dedicated incident response plan in place, and stay up to date on the latest malware signatures and indicators of compromise.


But law enforcement agencies and cybersecurity experts warn that ransomware groups are working harder than ever to leverage tools and techniques that hide their presence from threat detection engines, cover their tracks from investigators and generally make it harder for companies to spot or respond to intrusions until it’s too late.


Supervisory Special Agent Jonathan Holmes, who works in the FBI’s Cyber Division and Major Crimes Unit, said that “ransomware investigations are often very difficult to investigate,” pointing to a range of tools and techniques that make it harder to track an attacker’s IT infrastructure.


“They’re relying on email providers th ..
