'Following The Money': The Rapid Rise Of Ransomware & How To Defend Against It
GREELEY, Colo. (CBS4) — As foreign cybercriminals continue to attack American infrastructure, information security experts warn U.S. systems remain vulnerable. Water utilities, transit systems, food processors and the oil and gas sector are all recent targets.
JBS, the world's largest meat supplier and Greeley's biggest employer, was hit by a cyberattack over Memorial Day weekend. The Federal Bureau of Investigation attributed the hack on Wednesday to the Russia-linked REvil ransomware operation.
"There is no question this is cyber warfare," said Stephen Hayne, Professor of Computer Information Systems at Colorado State University. "If there is a crack, and they really want to, they will find it."
Hayne, who also serves as co-director of CSU's Cybersecurity Center, said the attacks may not be at the hands of foreign governments. However, he said nations are continuously searching for vulnerabilities to gain access to American systems.
For those like Hayne who work in cybersecurity, the recent uptick in attacks targeting U.S. infrastructure comes as no surprise.
"We have been expecting this for years," Hayne told CBS4's Dillon Thomas.
Hayne said ransomware groups are attracted to profitable organizations because they often lead to better payouts. Some companies end up paying millions to cybercriminals because the ransom demands are less costly than the dollars lost due to IT downtime.
"I think they are just following the money," Hayne explained.
Hayne said the attacks should motivate companies to hire qualified cyber defenders.
"(American infrastructure) is going to be attacked and it is very, very vulnerable. We have known that for years," he said. "This is a chaotic problem for the economy. We have to plug every single hole. All they have to find is one."
Companies can defend against cybercriminals by providing security awareness training for employees. Many ransomware attacks originate from malicious email links and attachments.
Strong password management can also prevent cyberattacks. Many cybersecurity experts recommend storing unique passwords for each account in a password manager with multi-factor authentication turned on, preferably through an authentication app. You can also check if your passwords have been compromised through websites like haveibeenpwned.
Companies can also thwart cyberattacks by keeping software up-to-date. Hackers will often look to exploit vulnerabilities in unpatched software.
"We can fight this, this is not a dark hole we can't get out of," Hayne said. "We are starting to get those wakeup calls. I think we can dig out of this pretty quickly. We are good at this, we are better than the bad guys."