Why Yahoo Mail is now blacklisted by Congress
The House of Representatives is not best pleased with the email provider.
By Charlie Osborne for Zero Day | May 11, 2016 -- 08:53 GMT (01:53 PDT) | Topic: Security
Yahoo Mail has been blocked until further notice by Congress due to a surge in ransomware attacks levied against the House.
As reported by Gizmodo, an email was sent to House of Representatives staff members explaining the move, blaming a surge in cyberattacks against the House as the main reason.
Specifically, ransomware is at fault. Ransomware is a breed of malware which infects systems, encrypts files and attempts to extract a fee out of victims in return for a key which decrypts their files and restores system functionality.
Ransomware has recently hit major hospitals, causing severe disruption to services and potentially placed patient care at risk. While a ransomware attack against the House is not a life-or-death situation, a successful attack is still a major concern as government bills, employee data and schedules could be thrown into chaos.
The email was sent in late April, and warned staff that as there has been an increase in ransomware-based attacks through third-party email providers including YahooMail, Gmail and others, Yahoo s email service has been blocked by the House s IT desk "until further notice."
The "high" importance email reads:
"The primary focus appears to be through YahooMail at this time. [...] We will be blocking access to YahooMail on the House Network until further notice. We are making every effort to put other mitigating protections in place so that we can restore full access as soon as possible."
Recent attacks against the US government organization have focused on using .js files disguised as .zip files, although it is not known which types of ransomware are being levied against the House.
According to one congressional staffer who spoke to the publication on condition of anonymity, at least one of these ransomware attacks has been successful; although the compromised PC in question was shut down and reformatted quickly to eradicate the malware.
A Yahoo spokesman said:
"We take the security of our users very seriously, and we re collaborating closely with House IT staff to ensure that they have the right solutions in place to best protect their accounts."
In April, the US and Canada issued a warning to businesses concerning the rise of ransomware and discouraging users from paying the fee -- as there is no guarantee files will be returned.