Technology has improved massively in the recent decade resulting in a drastic change in our habits. In terms of personal life, we are more likely to share information and our daily life activities in our social media accounts without even giving extra thoughts. With work, companies are thinking on how to make the work environment more user friendly for their employees. Covid-19 Pandemic had caused a massive disruption and accelerated the change. From having everyone working in the office to now anyone can work anywhere. In the long run, the change is good as we are no longer restricted by locations while searching for an ideal job. However, individuals’ and companies’ cybersecurity knowledge are struggling to keep up with the technological change giving hackers a great opportunity to take actions.
No matter how big or small the cyberattack is, it is a threat to an individual or the company; and the target of the attacks can be anyone. Despite the different actions that can be taken to reduce the chances of attacks, it is important to equip ourselves with cybersecurity knowledge and awareness; so that we are aware when we encounter one.
Today’s focus will be Ransomware attacks. Ransomware is a type of malware attacks where hackers steal or block certain files, systems or networks and threaten user to pay a costly ransom before giving you back the control of such information. However, there is no guarantee paying a ransom will give you back control of the data or that your information is not leaked out.
Recent Major Ransomware Attacks
As mentioned earlier, anyone, any organization can be target of a Ransomware attack. Recently two different organizations within the U.S. government were a target of Ransomware attacks resulting in a potential leak of sensitive information.
Back in February 2023, the oldest U.S. federal law enforcement agency – the U.S. Marshals Service has reported themselves as a victim of a ransomware cybersecurity attack. In this attack, it has impacted a standalone computer system which contained records about ongoing investigations, employee’s personal data and internal processes. Fortunately, the listed data did not include any data from the witness protection program which can potentially put people in danger. However, those data the hackers have control over is already a big threat to the U.S. Marshals Service and the public. Especially when no further information was shared in regards rather a ransom payment was being asked and if they managed to gain back access of all the data.
In less than 2 months another ransomware attack was reported in the United States. In early April Sam Bernardino County Sheriff’s Department reported ransomware attack where the hacker has taken control of their information technology system, preventing the police department to access the systems that can track rather a person is wanted for crimes elsewhere in the country. In this incident a US$1.1. million ransom payment was asked, and after “careful consideration” the county officials opted to pay the ransom payments to regain control of their system. Although it was said that this attack causes no threat to the public, it is still under investigation to determine rather such information was leaked out.
Tips for Avoiding Ransomware:
From the two big incidents, a great lesson is learned. Taking necessary precautions is extremely important as it can help gain awareness and prevent ourselves from falling into this trap. Below is a list of ways that can help minimize the chances of encountering Ransomware or any other cyberattacks.
- Be a cautious computer user and be alert of any suspicious activity happening with data, network, or the system.
- Keep the operating systems, software, and applications up to date.
- Make sure anti-virus and anti-malware solutions are updated regularly and will conduct regular scans.
- Back up your data regularly.
- Create a continuity plan within the organization in case it becomes a victim of a ransomware attack.
- Take the above actions now, as you will never know when you will be targeted.
On top of the above cybersecurity tips on ChatGPT, our Modern+ and Safeti+ customers can check out more Cyber Security related end-user awareness training videos, particularly some focusing on Ransomware Protection and Whaling Attack to further learn about how you can protect yourself and company. If you have not joined us yet, click here to learn more about the different services provided.
Ransomware — FBI, San Bernardino County Ransomware Attack, U.S. Marshall Service Ransomware Attack