A headline last month in the Tallahassee Democrat said “Ransomware Reached NBC 40 in Tallahassee”, another before that read “Envision Credit Union Taking All Appropriate Action After Possible Cyber Attack”.
In June, I laughed as I read Ed Perrine, the former COO of Network Tallahassee, about when their organization was hit by ransomware. He said in the Democratic newspaper that “I was really tempted to go home and start drinking.” Well said, Ed.
As I told the Legal Administrators Association of Tallahassee last month in a speech, all cybercrime is sneaky; but the ransomware is as sinister as it gets and could indeed warrant a potent drink.
Cybercriminality :Envision Credit Union “takes all appropriate measures” after possible cyberattack
Disturbance:Notorious Russian cybergang could be the source of disruption to local CW, FOX and NBC affiliates
Purchases:Supply Chain Crisis Impacts Tallahassee Businesses, Testing Buyers During Peak Holiday Season
The ransomware works like this. You one day receive an email at your office and it appears to be from a shipping company. Hackers like to pretend to be shipping companies because our world has turned into an order all of my home world. My wife, for example, is obsessed with her Amazon shipping. It’s like a mini-Christmas every week, usually from Ulta, so not very Christmas for me.
Either way, you get your shipping confirmation email, or an email saying “your shipment has been delayed”, so you click immediately and WHAMO! Your computer is infected, all files are encrypted, and you cannot access them.
Then the code spreads to the next computer in the office and the next, until the whole organization is digitally brought to its knees as you collapse in your chair and hope IT has some awesome backups ready. restore everything to normal before you click.
Until then, your screen will usually have a clock that counts the time you have to pay the ransom to get your files back. Hackers will ask you for large sums of Bitcoin and if you pay them they might give you the promised encryption keys to get your files back, they are criminals after all.
As long as people keep paying these ransoms when they get infected, more and more people will get into the hacking game. To be clear, they’re not even really hackers half the time. These are just criminals who have gone to the dark web and bought a ransomware toolkit and are now sending thousands of emails with malicious code, and when one of us clicks, they potentially have a pay day.
We must all be prepared to end this crime by having 100% situational awareness with emails, texts, phone calls, and web browsing. Hackers are literally on every corner, you have to deal with IT like driving a car, looking both ways, using your signals, looking at yourself in the mirror, checking everything before continuing.
As you can see from the previously mentioned examples, hackers don’t just prey on big boys and girls like Colonial Pipeline or Solar Winds. I’m sure you’ve seen these corporate entities in the national news, they’re preying on you and me too.
We won’t start winning the cyber war until we stop falling for these attacks and, more importantly, until we stop paying. If you are infected, the best strategy is to erase all of your devices and restore your network from backups.
At the end of the day, we have to put everything we have into this fight. Deploy two-factor authentication, strong passwords, redundant backups, conduct phishing trainings and simulations, install anti-virus and anti-spam tools, buy cyber insurance (I got mine from Earl Bacon here at Tally), install an enterprise-level firewall, and deploy advanced threat monitoring, isolation and management tools
Most importantly, double check before clicking on emails, don’t give your passwords to anyone for any reason, and stay safe. Also, as a courtesy of the Thanksgiving month for our online readers, we’ve run a free e-learning course here for more information and yes – it’s verified safe to click youtube.com/watch?v = 70wq28QbiJA.
Blake Dowling is CEO of Aegis Business Technologies, author of Professionally Distanced, host of the Biz & Tech podcast, and writes for several organizations. He can be contacted at email@example.com
Never miss a story: subscribe to the Tallahassee Democrat using the link at the top of the page.