The latest version of a ransomware email arrived on the personal laptop of a News 6 employee in the form of a tracking message from Federal Express Friday morning.
Engineers called it a zero day attack because current anti-virus programs had not seen or contained it before.
The hit occurred on the last day of September - 24 hours before the start of Cyber Awareness Month.
News 6 information technology engineer Mike Harvey said the bogus FedEx message contained a link to “track their package.” Once the employee clicked the link the virus was activated.
“With it being Ransomware,” Harvey said,” It caused all the files to shut down.”
Orlando FBI Agent Andrew Lenzen told News 6 that the ransomware and malware files are coming from overseas.
According to Lenzen dirty files can be tracked to 79 countries including China and Hong Kong. News 6's employee never saw it coming and the truth is he’s not alone.
The FBI Cyber Division reports one particular Ransomware “variant” infiltrated roughly 100,000 computers a day within the first few weeks of showing up.
The FBI pursues so called “cyber actors” and according to Lenzen, they hold your computer’s contents hostage for money.
“If we were looking at a family they could hold photos or tax information…a small business you have everything all your customer data, all your invoicing everything is shut down,” Lenzen said.
Lenzen told News 6 that law firms, police departments and even a hospital have been hit by ransomware files.
The FBI is requesting victims reach out to their local FBI office and/or file a complaint with the Internet Crime Complaint Center, at www.IC3.gov, with the following ransomware infection details (as applicable):
1. Date of Infection
2. Ransomware Variant (identified on the ransom page or by the encrypted file extension)
3. Victim Company Information (industry type, business size, etc.)
4. How the Infection Occurred (link in e-mail, browsing the Internet, etc.)
5. Requested Ransom Amount
6. Actor’s Bitcoin Wallet Address (may be listed on the ransom page)
7. Ransom Amount Paid (if any)
8. Overall Losses Associated with a Ransomware Infection (including the ransom amount)
9. Victim Impact Statement