Ransomware Attacks on Congress Force Them to Ban Yahoo And Gmail

Remember that latest series of malware that everyone keeps talking about, ransomware? It would appear that the US Congress is all too aware of the malware given that as of the 30th April, members of congress are banned from using Yahoo and Gmail thanks to ransomware attacks stemming from the email services.

According to an email that Gizmodo managed to get their hands on, the attacks stemming from Yahoo, Gmail, and other public email services were increasing and forced the Technology service desk to send out the email below:

From: Technology Service Desk
Sent: Saturday, April 30, 2016 11:53 AM
To: All House Staff
Subject: Increase in Ransomware at The House
Importance: High

In the past 48 hours, the House Information Security Office has seen an increase of attacks on the House Network using third party, web-based mail applications such as YahooMail, Gmail, etc. The attacks are focused on putting “ransomware” on users’ computers. When a user clicks on the link in the attack e-mail, the malware encrypts all files on that computer, including shared files, making them unusable until a “ransom” is paid. The recent attacks have focused on using .js files attached as zip files to e-mail that appear to come from known senders. The primary focus appears to be through YahooMail at this time.

The House Information Security Office is taking a number of steps to address this specific attack. As part of that effort, we will be blocking access to YahooMail on the House Network until further notice. We are making every effort to put other mitigating protections in place so that we can restore full access as soon as possible.

Please do your part to help us address this recent attack and protect the House Network going forward by following proper cyber practices at all times. Phishing e-mails can look very legitimate and appear to come from known senders. Be very careful about clicking on attachments or links in e-mails, particularly when you are using non-House e-mail systems.

If you have any questions, please contact the CAO Technology Service Desk (REDACTED) at REDACTED or REDACTED.

With Yahoo now blocked in the house, and at least one of the ransomware attacks being deemed a “success”, resulting in the reformatting of the infected computer. With everywhere from Government to Hospitals being attacked by the latest wave of malicious software, what can we do but update our anti-virus and be wary of those “free” emails and attachments?