Why Yahoo Mail is now blacklisted by Congress

Yahoo Mail has been blocked until further notice by Congress due to a surge in ransomware attacks levied against the House.

As reported by Gizmodo, an email was sent to House of Representatives staff members explaining the move, blaming a surge in cyberattacks against the House as the main reason.

Specifically, ransomware is at fault. Ransomware is a breed of malware which infects systems, encrypts files and attempts to extract a 'fee' out of victims in return for a key which decrypts their files and restores system functionality.

Ransomware has recently hit major hospitals, causing severe disruption to services and potentially placed patient care at risk. While a ransomware attack against the House is not a life-or-death situation, a successful attack is still a major concern as government bills, employee data and schedules could be thrown into chaos.

The email was sent in late April, and warned staff that as there has been an increase in ransomware-based attacks through third-party email providers including YahooMail, Gmail and others, Yahoo's email service has been blocked by the House's IT desk "until further notice."

The "high" importance email reads:

"The primary focus appears to be through YahooMail at this time. [...] We will be blocking access to YahooMail on the House Network until further notice. We are making every effort to put other mitigating protections in place so that we can restore full access as soon as possible."

See also: Tick, tock: Jigsaw ransomware deletes your files as you wait

Recent attacks against the US government organization have focused on using .js files disguised as .zip files, although it is not known which types of ransomware are being levied against the House.

According to one congressional staffer who spoke to the publication on condition of anonymity, at least one of these ransomware attacks has been successful; although the compromised PC in question was shut down and reformatted quickly to eradicate the malware.

A Yahoo spokesman said:

"We take the security of our users very seriously, and we're collaborating closely with House IT staff to ensure that they have the right solutions in place to best protect their accounts."

In April, the US and Canada issued a warning to businesses concerning the rise of ransomware and discouraging users from paying the fee -- as there is no guarantee files will be returned.

Security

Do you need antivirus on Linux?

6 ways to protect yourself from getting scammed online, by phone, or IRL

The best VPN free trials for 2024

8 habits of highly secure remote workers

How to find and remove spyware from your phone

• Do you need antivirus on Linux?
• 6 ways to protect yourself from getting scammed online, by phone, or IRL
• The best VPN free trials for 2024
• 8 habits of highly secure remote workers
• How to find and remove spyware from your phone

Top 5 security practices in staying safe online: From the experts

Read on: Top picks

• Apple goes server-side to fix Siri lock screen bypass security flaw
• Bug bounties: Which companies offer researchers cash?
• Cyberattackers botch integration of Adobe Flash zero-day vulnerability in exploit kits
• Meet the company which wants to stop pirates using the Web until they pay up