The US Congress has banned YahooMail until further notice due to its being vulnerable to ransomware threats. The move was announced in an e-mail sent to House of Representatives staff in late April.
Although the e-mail mentions Gmail as well, and overall warns against ransomware threats coming via web-based mail applications, it singles out YahooMail as the most vulnerable service. Ransomware infects computers by encrypting all of its content and prevents users from accessing it. As the name suggests, the malware allows hackers to request a sum of money in return for the key that can unlock the computers. According to the House IT desk, attack e-mails typically contain a link or an attachment that carry the malware. That is why, in its warning e-mail, it recommended that staff proceed carefully when opening messages sent through third-party services.
Web-based e-mail services such as Gmail, YahooMail and more are continuously working towards improving their capacity to filter and block phishing and ransomware attacks. However, more effort is needed from providers of e-mail services, to keep up with the ever-present threat of malware attacks.
In particular, ransomware attacks have reportedly surged of late. As revealed by security provider Symantec, compared to the incidence of phishing attacks, the frequency of attacks using crypto-ransomware has increased by 35 percent last year only. Identifying malicious e-mails can be particularly difficult, however, as they seem to be sent from existing contacts. According to a US Congress staff member, at least one attack was successful, however the computer infected was remotely shut down in less than half an hour by the House IT desk.
In response to the move, Yahoo said they were taking the security threat very seriously. The company added that they are collaborating with the House of Representatives staff to make sure the latter can identify and implement the best possible solutions to the threat.
While such attacks can prove very disruptive to anyone who ends up in the unenviable position of being locked out of their computer, they pose an enhanced danger to the House of Representatives. Therefore, alongside banning YahooMail, the House IT desk announced it was in the process of implementing a number of solutions to address ransomware threats.
Image source: Wikipedia