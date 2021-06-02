KENNEWICK, WA - Are you connected to the internet? Probably. So many of us almost always are; whether it's WIFI, mobile data on our phones, our laptops, tablets or TV's. So, that means we're almost always at risk of a ransomware attack.
It's been called the 'COVID of the internet' but it's been around a lot longer than the pandemic. It can be something as simple as clicking a link that you thought was fine but turns out to be what's called phishing spam. Once that file is opened or downloaded it can take over the whole computer, even a computer system that could control a whole company.
"Another way and it's more complex but there are actually groups of bad actors that will infiltrate a network, get all their tendrils into everything and then encrypt," said Director of IT and Engineering of Cowles Media Company.
Ransomare.
"I wanted to vomit it," said Halvorsen. "It was the worst day of my professional life."
Back in December 2019, our broadcast company that spans three states got hit. The staff came to work to find computers with a message on them from doctor666.mail.fr.
"I got on remotely and started looking at the servers," said Halvorsen. "It was catastrophic."
He estimates the cyber attack affected about 350 employees and more than 100 servers. It took about two weeks to get fully back to work in every department.
"There are so many companies of all stripes that have been hit by ransomware and other malicious attacks over the years," said George Hefter of TCT Computer Solutions.
To name a few: Walla Walla University, Benton County Government, the Port of Kennewick, the Washington Department of Health and the city of Ellensburg. However, it's not just big organizations or media groups that are targeted; it truly can be anyone.
"I'm too small, nobody cares about me," said Hefter. "It's been fine up until now. These are commonly heard excuses we hear for why people don't take the extra precautions that they really should take."
According to the Cybersecurity and Infrastructure Security Agency (CISA) it's costing people and businesses billions of dollars a year.
Hefter took a look at an invoice from one of the local governments hit.
"The fact that they paid this sizable amount of money and that it was a fairly sizable enterprise that was completely brought to its knees and the only way out, the fact that they paid that also tells me that they did not have a very good backup," said Hefter.
The hackers demanded our broadcast company to pay $150,000 in Bitcoin in exchange for decrypting the millions of files their software infected.
"Since we got hit, obviously I was tracking what was going on and who was being hit," said Halvorsen. "The ransoms grew and grew and grew. So them asking us for 150k... that's nothing compared to what they're asking like school districts. They're wanting like millions of dollars."
Bitcoin is the currency of choice for hackers all over the globe because of its anonymity and those hackers are attacking right now.
"The end user is the ultimate source of protection. Nothing beats a skeptical end user. Nothing helps more than not clicking on those links in an email," said Hefter.
To protect and prepare yourself beyond that, here are a few takeaways: Having an antivirus software is important. So is a firewall, even for small businesses. Having a backup that is not connected to a network is a necessity.
RESOURCES -
CISA: https://www.cisa.gov/
Jeremy Halvorsen: jeremy.halvorsen@khq.com
George Hefter, TCT Computer Solutions: george@tctcs.com (509) 627-4808