The FBI has released a statement urging companies across all industries, healthcare included, to report ransomware attacks to federal law enforcement, helping them get a step up in evaluating just how dire the situation is.
While there are many reasons why some companies avoid reporting the attacks, the FBI says it needs the information in order to gain a better all-around view of the problem.
"Victim reporting provides law enforcement with a greater understanding of the threat, provides justification for ransomware investigations, and contributes relevant information to ongoing ransomware cases,” the FBI said in the release. “Knowing more about victims and their experiences with ransomware will help the FBI to determine who is behind the attacks and how they are identifying or targeting victims.”
The FBI has compiled a list of details that companies can answer to give law enforcement the best opportunity to assess and fix the problem. The list includes filling out data on the date of infection, victim company information, how the infection occurred, ransom amount and overall losses. The FBI also provided a checklist that companies can follow to prevent future ransomware attacks. The list includes backing up data, examining links sent in emails, making sure anti-virus software is up to date and disabling macro scripts.