With ransomware attacks on the rise, here’s how to protect yourself online

Changes during the pandemic may have fuelled the increase in ransomware events. — Internet vector created by stories - www.freepik.com

A central Pennsylvania newspaper’s production was hit by ransomware, locking files critical to the printing of their daily edition.

A similar disabling attack targeted a major broadcasting company.

With downtime factored in, ransomware cost US companies US$20bil (RM83bil) last year, according to the Department of Homeland Security. It raised gas prices after the nation’s largest fuel pipeline was hacked, and in one lawsuit filed in Alabama, a hospital suffering from a ransomware attack is being blamed for the death of an infant, NBC News is reporting.

Ransomware schemes target just more than businesses — police departments, hospitals and individuals have all fallen prey to the insidious attacks carried out not just by individual hackers, but by criminal organisations, too.

“It’s become a business model. They have people on payroll,” Arielle Baine, cybersecurity advisor with the Department of Homeland Security’s Cyber and Infrastructure Security Agency, said about cybercriminal groups. “This is concerning. It’s one of the things that keeps me up at night.”

And it’s become much more sophisticated.

“Initially, ransomware attacks were where a user might click on a link in a phishing email, which is still very prevalent, but now it’s advanced, like with Colonial Pipeline attack,” said Bruce Young, who leads the cybersecurity operations and control management program at Harrisburg University. “The bad actors actually hacked in or penetrated the Colonial Pipeline’s network, then used ransomware to encrypt and take their data hostage.”

It’s a problem that has only gotten worse during the pandemic. Last month, we had a local example.

LancasterOnline reported that a ransomware attack hit the news organisation’s owner, Steinman Communications. The attackers demanded the company pay an undisclosed amount of money to unlock files critical to the printing of their daily LNP paper and its weekly papers.

The news organisation’s operations were significantly hindered after the Sept 30 attack, and recently, they thanked their readers for their patience and support as they painstakingly rebuilt their systems from the cyberattack.

Similarly, Sinclair Broadcasting was hit by a major cyberattack last month, leaving the company scrambling to restore its system, CNN is reporting.

While the company said all of its stations and regional sports networks were on the air and that network shows and major sports programming were being broadcast, reports indicate the attack impeded the production of many local newscasts, leaving staffers with no email, phones, file video or graphics.

On a larger scale, the Colonial Pipeline hack in April resulted in fuel shortages across the East Coast and showed just how damaging these attacks can be. This particular hack was the result of a single, compromised password, Bloomberg is reporting.

“It’s a wakeup call to take this threat seriously,” Baine said.

Changes during the pandemic may have fuelled the increase in ransomware events, which Young said increased 700% in 2020.

“When we all started working remotely, it happened so quickly that some organisations didn’t have the necessary infrastructure to support their employees working from home,” Young said. “Some people might have been connecting to company computers with home computers.”

These home computers could have been exposed systems that are now connecting in remotely to their employers’, setting the stage for some bad actors to move in and attack, Young said.

While organisations like the Department of Homeland Security are endlessly trying to combat the problem, even the best efforts fail at times.

“As cyber defenders, we have to be right all of the time,” Baine said. “These attackers only have to be right once.”

There are some steps that can be taken to try to prevent attacks, according to experts.

The first is for businesses and individuals to ensure they have a strong cybersecurity strategy in place to defend against threats, Young said, adding that threat-detection capabilities are built into many security controls, like firewalls.

“The threats go beyond just ransomware,” Young said. “To protect organisations from bad actors, you have to have detection mechanisms in place so that if someone is trying to break into your environment, you are alerted and you know your protection mechanisms are working, and if there is a failure, you want to be able to react and recover.”

Some of the most vulnerable businesses are the smaller or medium-sized companies that may not have their own cybersecurity teams. But Young said these services can be outsourced, or a security expert can be brought in to do an assessment to identify any potential gaps in security.

Another key, Young said, is backing everything on another storage device. With today’s technology, it’s also possible to take a “snapshot” of your files, he said, and as long as the ransomware does not impact the snapshot, your files can be quickly recovered.

Businesses should work with their Internet service providers, too, and understand what kind of security services they provide.

The Department of Homeland Security officers a website with additional tips and useful practices.

They also make these recommendations:

– Regularly maintain offline, encrypted backups of data and regularly test your backups,

– Update software and install patches,

– Run up-to-date antivirus software,

– Use strong passwords. A password manager is a great tool to help track and create strong passwords,

– Implement multi-factor authentication, where you log in using a password and something else – like a code texted to your phone – to verify it’s really you,

– Install and enable a firewall.

The department also recommends being on the lookout for these top signs of phishing schemes, where bad actors send emails or other messages asking you to click on links or provide information that can compromise your security:

– Suspicious sender’s address that may imitate a legitimate business,

– Generic greetings and signature and a lack of contact information in the signature block,

– Spoofed hyperlinks and websites that do not match the text when hovering over them,

– Misspelling, poor grammar or sentence structure, and inconsistent formatting,

– Suspicious attachments or requests to download and open an attachment. – Pennlive/Tribune News Service

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Join our Telegram channel to get our Evening Alerts and breaking news highlights

Next In Tech News

With U.S. labor scarce, logistics firms turn to remote forklifts
Hyundai Motor partners with quantum computer firm IonQ for battery development
Intel orders ASML system for well over $340 million in quest for chipmaking edge
Exclusive-Google to improve enforcement of adult ads policy
Telecom Italia shares slide further as doubts over KKR's bid intensify
Heritage land dispute over Amazon's new Africa HQ goes to court
British digital banking app Revolut launches U.S. stock trading
‘Game changer’ electric moped batteries spread from Taiwan across Asia
S.Korea's LG Energy Solution sees record retail demand for IPO
Five taken to hospital after fire linked to charging ebike battery breaks out in SG flat

Others Also Read