In light of what happened to the television station in several cities in Montana last week, I thought it would be a good topic to discuss in an article. This is not intended to be an in-depth discussion on the subject, but rather a shallow dive into a very worrisome issue.
I have just returned from an international taskforce meeting on Cybersecurity in Phoenix, and ransomware was a major part of the discussion. It is at or near the top of security issues for state governments everywhere. The same security issues exist in the business and personal realm as well.
First let’s define what is meant by ransomware. It is a hacking or phishing method used by criminals to take control of a computer or a series of computers and locking them up in a manner that prevents the user from getting access to information on the infected computer(s) or preventing the use of said device(s).
The name of the crime comes from the next step, when the perpetrator of the crime demands payment, often in the form of bitcoins, since they can’t be traced, before they will release the (hostage) data or allow the owner to get into their computer. This demand will usually have a 24 to 48-hour window in which the owner must pay the ransom or the ransom amount will double. If payment isn’t made, the information on the computer will be erased.
The speaker at the meeting was deputy director on Cybersecurity at Homeland Security, and his presentation had all of us more than a little bit concerned because states and metropolitan areas are under attack from this insidious problem. In fact, the city of Baltimore was locked up and the criminals demanded millions to release their system. Baltimore didn’t have the money to pay the ransom and have since spent more than $10 million to rebuild their system, collect whatever data they can, and put in place the required updates and training to make sure it didn’t happen again.
What can be done to greatly reduce the possibility that you will be attacked? Several things must be a part of a businesses’ or individual’s computer protocols to do so. First, make sure you have backed up your data and infrastructure on a separate storage device and disconnect that device from your system. If you don’t disconnect it, the malware (in this case ransomware) will infect it also, and thus make it useless as well. Don’t connect the device to your computer unless you are positive your computer is clean.
Second, keep your software up to date. The methods used by criminals are constantly changing, so you must update your software as soon as updates become available. Since the bad guys are often ahead of software developers, this won’t guarantee you can prevent all attacks, but it is an important step to lessen the possibility by reducing known vulnerabilities.
Third, train every member of your organization on how phishing works and what to avoid when using their computer. This takes ongoing training, since the bad guys have become very adept at copying legitimate texting to the point it is nearly impossible to tell them apart. Often, they will send texts to someone they have gotten details about and tell them to do an activity like a text from their boss or supervisor to send money or information to an individual immediately. Since it looks legitimate, they push a button and the system is immediately locked down.
If you are interested in more detail, Homeland Security has information to help you. Don’t get caught up in this terrible criminal activity. If attacked you will be glad you protected your information.