SAN FRANCISCO, Calif. (KRON) – An uptick in ransomware attacks in the Bay Area has local FBI and cyber security officials sounding the alarm. Ransomware in general has been running rampant. 

Bay Area businesses are advised to beware of Zepplin ransomware. According to the FBI San Francisco and Cyber Security and Infrastructure Security Agency, or CISA, the last two years have seen a tremendous uptick in attacks from these hackers.

FBI San Francisco Special Agent Elvis Chan tells KRON4, “Globally $2.4 billion dollars worth of damages was caused last year. I’m unfortunately very confident we will surpass that this year.” Special agent Chan believes we may be close to $3 billion in damages by the end of 2022. Bay Area companies in the healthcare industry are particularly at risk.  

CISA Chief of Cyber Security Joseph Oregon told KRON4, “Traditionally, hospitals have been targeted because they are a target-rich, cyber poor system.” Earlier this year, KRON4 reported on the 49ers being hit by hackers claiming to have stolen the team’s financial data.

The Bay Area’s transportation sector, education sector at university and intermediate levels, as well as IT companies, are of concern as well. Special Agent Chan tells KRON4, “They will send an email or text with a link, you click the link, it will activate the malicious software. It will find the data, make a copy and send it to the bad guys and then the remaining data it will encrypt, it will lock it up. After that, they’ll ask for double extortion ‘give us money, and we’ll give you your data, or B give us money or we will put this on the internet to embarrass your company.

Currently, just 20% of victims report attacks to the FBI. Usually, the hackers will request ransom payments in bitcoin with initial amounts ranging from several thousand dollars to over a million after gaining access to networks. The number one tip: don’t pay them.

KRON On is streaming news live now

Chief Oregon says, “These are criminal orgs who are not trustworthy, so there’s no guarantee paying the ransom will get your data unlocked or you won’t get hit again in the future. Eighty percent of business owners that pay the ransom were hit again.”

Instead, contact local authorities immediately. To keep yourself from becoming a victim in the first place, make sure your company is requiring multi-factor authentication to your systems, keep all operating systems and software up to date, backup your company’s data offline, and don’t click on any links from emails if you don’t know who sent it.