Breaking News

Creating Habits in an Age of Distraction

Shareable Snack: What ‘Dracula’ Teaches Us About Weak Men

7 Science-Backed Reasons It May Work– ProT Gold Collagen Protein

What Four Years of Creative Writing Have Taught Me

Reality Rejected: New NPR CEO Says ‘There Are Many Truths’

What Four Years of Creative Writing Has Taught Me

Trends in Ransomware: Cybercrime is on the Rise

Tags:

“A recent survey of IT providers revealed that payment did not unlock the files of their clients in about 25% of the cases…”

It would be comforting to know that our emergency services were secure from cyberattack, but it would also be naïve. A game-changer in the cybercrime business has been ransomware. Simply defined, ransomware is a category of malicious software (“malware”) that encrypts or locks data and holds it hostage until the user pays a ransom to unlock it.

Ransomware attacks are increasing at an alarming rate—a fact that all too many businesses have learned the hard way. Cyber-criminals have become emboldened in the age of anonymous crypto-currency such as Bitcoin. On March 7, I attended the Brandon Chamber of Commerce’s Synergy Luncheon, where the guest speaker was FBI Special Agent AJ Gilman. Special Agent Gilman has been working in cybersecurity for the past 18 years. He stated that he expects that ransomware attacks will continue to rise in 2017.

Recent evidence states that the network infrastructures of our police departments and hospitals are ill-prepared for these attacks. A few recent examples in the last year include:

  • March 2016: Ransomware-encrypted medical data was spread across three hospitals in Southern California. Hackers demanded $17,000 for the encryption key. The LA Times article stated that they did not pay the ransom, but some operations were disrupted due to computer downtime during the attack.
  • August 2016: A computer server at the Susan M. Hughes Surgery Center in New Jersey and Philadelphia was attacked and had ransomware installed.
  • January 2017: Police in Cockrell Hill, TX, admitted to losing 8 years’ worth of evidence in a ransomware attack. Also, as outlined in this article by my good friend and colleague Stephen Owsinski, 70% of the surveillance camera DVRs for the Washington, D.C. Metro PD were also infected with ransomware.
  • February, 2017: Roxana (IL) Police Department suffered a ransomware attack that shut down their computers for over a week.

Prosecuting cyber-criminals is difficult, if not impossible. This is not a crime that is being committed by teenagers getting their kicks in their parents’ basements. This is being committed by citizens of other countries, multi-national corporations, and—per Agent Gilman—at least a few members of the Chinese military. Even if the confidentiality provided by cyber-currency wasn’t a factor, jurisdictional boundaries and diplomatic roadblocks would still severely limit the ability of our law enforcement to bring the perpetrators to justice.

What Can Be Done

Think of ransomware as a business model. Protect your network so you don’t have to pay the ransom. Not only does it further fund and encourage the criminals, it does nothing to clear the malware from your server and desktops. This could cause a recurrence of the attack a few weeks or months down the road. In addition, there are no guarantees that those who hold your data hostage are going to release the data after you pay. A recent survey of IT providers revealed that payment did not unlock the files of their clients in about 25% of the cases.

The best way to beat these cyber-criminals is to build our networks so that the ransom will never have to be paid. A holistic approach that combines these seven best practices can help you defend against ransomware:

  1. Education: All your employees must know what the threats are, how they are delivered, and how to best prevent getting infected. The most secure networks can be bypassed by one click on the wrong email or by inserting a USB that was found lying around your office.
  2. Firewall: A hardware firewall that is properly configured can block threats from entering and isolate threats from spreading across the network.
  3. Spam Filter: 92% of malware, including ransomware, is delivered via phishing emails. Phishing emails are mass emails sent out disguised as a popular company or group with hopes that someone, anyone, will click on them. Spear phishing emails specifically target your organization and may appear to come from someone within your company. Either of these types of emails will usually try to get you to click on a hyperlink or attachment.
  4. Security Patches: Software security patches must be completed immediately. In many cases, these patches are designed to defend against vulnerabilities that have been discovered on your server or desktop software. Failing to patch leaves these vulnerabilities open for hackers to exploit. Also, make sure that any computers that are using unsupported software (such as Windows XP) are removed from your network.
  5. Antivirus and Anti-Malware: Having one of these but not the other is never sufficient. In both cases, a version that updates itself regularly (usually daily) and automates the scans is necessary. For business usage, a quick scan should be completed every 4 hours and a full scan every 24 hours.
  6. Policies and Procedures: A policy on cybersecurity should minimize personal usage on work computers and limit personal devices from being connected to the office network. This is to ensure that only devices that are fully up to date with patches and your security software are connected to your network.
  7. Backup: Having an on-site backup only is insufficient. Copying infected files to your backup device only guarantees that the infection remains on the network. A cloud-based backup system that is capable of fast recovery can be expensive but is well worth the price. Additionally, many companies offer virtualization of your server. In the case of a ransomware attack, you could run your office from a virtual backup of your files until you can get the server restored and cleaned of any malware.

 

Defending against cybercrime can seem expensive, but failing to do so could be even more costly. Ransom payments could be funding the enemies of our country or criminal enterprises around the world. It is tempting to pay when faced with the loss of your data and extended downtime, but a little investment in your network and your employees could go a long way toward defending against these attacks.

David Thornton is an OpsLens Contributor and retired law enforcement officer.

To contact or book OpsLens contributors on your program or utilize our staff for your story, contact [email protected].

  • RSS WND

    • Hollywood revival? Candace Cameron Bure on Jesus invading Hollywood: 'It's pretty incredible'
      (FAITHWIRE) -- Actress Candace Cameron Bure continues to bring hope, faith, and love to Hollywood. From her roots in “Full House” to her creativity in executive producing films like “Unsung Hero,” Bure is on a mission to tell important stories while entertaining the masses. In a recent interview with CBN News, she shared her passion… […]
    • House Dems vow to tank MTG's bid to oust Republican Speaker Mike Johnson
      By Mary Lou Masters Daily Caller News Foundation House Democrats announced on Tuesday that they would vote to table Georgia Republican Rep. Marjorie Taylor Greene’s attempt to remove House GOP Speaker Mike Johnson from his leadership position. Greene first filed the motion to vacate on March 22 during the latest appropriations fight, and the effort has picked… […]
    • State legislature overrides Dem gov's veto, approves millions to help fight illegal immigration
      By Jason Hopkins Daily Caller News Foundation Republicans in Kansas mustered supermajority votes to override their governor’s veto of millions earmarked for deployment of National Guard troops to the southern border. GOP lawmakers in the Kansas house and senate chambers voted Monday to override Democrat Gov. Laura Kelly’s veto of $15.7 million appropriated for Kansas… […]
    • Dr. Mercola: Expect an 'avalanche' of COVID-shot dementia
      Dr. Joseph Mercola, an expert on natural health remedies and avowed critic of the government-mandated COVID shots that were imposed on the American public during the pandemic, now is warning about the evidence of a link between those mRNA shots and dementia. At his Mercola.com website, he discusses his research and research by others into… […]
    • WATCH: SecDef admits it's possible U.S. troops could get into firefight with Gaza terrorists
      By Micaela Burrow Daily Caller News Foundation Secretary of Defense Lloyd Austin insisted Tuesday that stationing troops off a humanitarian pier leading to Gaza does not count as having boots on land, while leaving wide open the possibility of a live-fire exchange with attackers on the ground. The statement appears to undercut the Biden administration’s… […]
    • Office loan defaults at highest point in more than a decade
      By Will Kessler Daily Caller News Foundation High interest rates and low demand have led to the number of U.S. office buildings threatened by default reaching its highest point since the fourth quarter of 2012, the Wall Street Journal reported Tuesday. Around $38 billion worth of office buildings are currently facing defaults, foreclosures or another… […]
    • State AG: Why many are refusing to follow Biden's abortion agenda
      Steve Marshall serves as the attorney general for the state of Alabama, and in an interview with the Washington Stand is explaining why his state, and more than a dozen others, are refusing to go along with Joe Biden's latest abortion promotion. In this case, the Biden administration has actively hijacked a definitively pro-life law… […]
    • U.S. rancher accused of killing illegal alien wins major legal victory
      By Jason Hopkins Daily Caller News Foundation An Arizona rancher who was previously charged with fatally shooting an illegal immigrant on his property will not be retried, prosecutors declared. George Alan Kelly, a 75-year-old Arizona rancher who was charged for the 2023 killing of a Mexican national who illegally crossed into the U.S. and encroached… […]
    • Catastrophic reproductive damage after COVID shots: Gov't database
      A new report is citing a Canadian government database showing an explosion of reproductive ailments as evidence of problems with side effects from the mRNA treatments mandated by governments and businesses during the COVID-19 pandemic. "It is past time for the Canadian medical and government establishment, along with mainstream medical professionals and legacy media, to… […]
    • Probe demanded as Jack Smith accused of election interference
      By Katelynn Richardson Daily Caller News Foundation Special counsel Jack Smith was hit with an ethics complaint Tuesday for allegedly seeking to “unlawfully interfere in the 2024 presidential election.” Republican New York Rep. Elise Stefanik filed the complaint with the Department of Justice’s (DOJ) Office of Professional Responsibility, arguing Smith violated DOJ policy by seeking… […]
    • Enter My WorldView