![us-capitol-100660529-primary.idge[1].jpg](https://i.imgur.com/gd7PNDv.jpg "us-capitol-100660529-primary.idge[1].jpg")
https://theintercept.com/2016/05/10/hackers-attempt-to-hold-capitol-hill-data-for-ransom/
>The House is under attack by hackers hoping to infiltrate congressional computers, encrypt their contents, and then force users to pay a ransom to get their access back.
>“In the past 48 hours, the House Information Security Office has seen an increase of attacks on the House Network using third party, web-based mail applications such as YahooMail, Gmail,” the House’s Technology Service Desk wrote in an email to House staffers on April 30.
>According to the email obtained by The Intercept, the hacked emails impersonate familiar people and invite staffers to download an attachment laced with malware — what’s known as a “phishing” attack.
>“When a user clicks on the link in the attack email, the malware encrypts all files on that computer, including shared files, making them unusable until a ‘ransom’ is paid,” the email said.
>But House administrative offices refused to say how many if any attacks have been successful, what sort of data may have been affected, or how much has been paid in ransom, if anything.
>“The potential for ransomware attacks the House faces is similar to any large organization,” a spokesman for the Chief Administrative Officer of the House wrote in a statement to The Intercept. “The House recognizes the importance of taking steps to employ a cyber security plan to protect our infrastructure, and we constantly work to improve training and education for all House users.”
>A lockdown on parts of the House internet network — from Wi-Fi to Ethernet — remains ongoing.
...
>Access to both YahooMail and Google Cloud services hosted by Google’s appspot.com appear to be completely blocked on the House’s network, according to Ted Henderson, a former Hill staffer and founder of two social-network applications designed for Capitol Hill communication: Cloakroom and Capitol Bells. It’s unclear if both blockages, not just Yahoo’s, are related to the ransomware attacks.
>Henderson says his several thousand users cannot post to the social networks inside the House office buildings. The way Cloakroom works, you’re normally able to log in either anonymously simply by using Capitol Hill Wi-Fi or with your staff email address. The Senate office buildings don’t appear to be affected.
>“This is the first time I’ve seen this happen at a scale like this in five years,” Henderson wrote The Intercept in an email.
>In recent months, several lawmakers have penned letters asking the Obama administration how it’s dealing with the problem of ransomware — a type of attack more than two dozen government agencies have admitted to confronting in the past as well.
>Now that Congress itself is the target, security researchers are hopeful the issue will draw more national attention. “What you’re seeing in Congress is just part of what’s happening,” Markus Jakobsson, founder of ZapFraud, a scam email detection service, and an expert on phishing attacks told The Intercept. “This will hopefully bring some awareness to decision makers. … once they start [going after Congress], there will be changes.”
>Ransomware attacks take many forms. Some hackers have managed to infect entire websites with malware.
>It’s not clear whether the current spate of attacks on the House network were targeted, or whether House users just happened to find themselves among the ever-growing number of victims.
...
more coverage:
http://www.zdnet.com/article/why-yahoo-mail-is-now-blacklisted-by-congress/
http://www.computerworld.com/article/3068623/security/ransomware-attacks-on-house-of-representatives-gets-yahoo-mail-blocked.html
http://gizmodo.com/cyberattack-leads-to-a-yahoomail-ban-on-capitol-hill-1775851542
http://techcrunch.com/2016/05/10/congress-warned-about-cybersecurity-after-attempted-ransomware-attack-on-house/
http://www.cnet.com/news/ransomware-goes-to-washington-hackers-attack-email/
>>43938
China does this on a daily basis.
>>43978
China just steals it. They don't try to hold it for ransom.
So I guess we can say this isn't just script kiddies looking for an alternative method of getting gubmint gibsmedats, right?
