Ransomware: Prevent your computer from being infected
The cities of Newark, Atlanta, and Sarasota have been hit. So have hospital systems and just this past week, one of the country's largest suppliers of beef, pork and poultry. Last month, the Colonial Pipeline from Texas to New Jersey was held hostage, leading to gas shortages all along the east coast. When the cyberattack targeted Leeds, Alabama, its mayor had no access to email, personnel files, or financial systems.
This week on 60 Minutes, correspondent Scott Pelley reports on the growing cyber threat called ransomware, a type of malware that locks up a victim's files and denies access to a computer system until money is paid with a digital currency that is hard to trace. While Pelley's report focuses on the effects of ransomware, the experts he spoke with said most attacks can be prevented.
PRACTICE "CYBER HYGIENE"
The FBI's Mike Christman ran the bureau's cybercrime unit. He gave Pelley tips on preventing a ransomware attack:
Use two-factor authentication. Two-factor, or dual-factor authentication adds a layer of security to online accounts by requiring two ways of proving your identity. One common form of two-factor authentication is entering a password, then receiving a one-time numerical code via text message.
Backup your data offline. Use an external hard drive to secure important information.
Use internal firewalls on your network. That way, if a malicious actor accesses your computer, he cannot move laterally through the network and lock up the entire system. Experts liken it to preventing one person's case of the flu from turning into an epidemic.
Regularly update your password. Cyber criminals looking to hack into a system sometimes purchase stolen passwords on the dark web.
Remote access creates an additional set of vulnerabilities. Understand the risks, including the possibility of stolen passwords, and how to prevent them when allowing employees or IT staff remote access to networks.
BEWARE THE PHISHING EMAIL
The most common type of ransomware attack starts with a phishing email, which tries to get users to open an attachment or click on a link. The attachment or link then installs ransomware.
Tom Pace founded NetRise, a cybersecurity firm based out of Austin, Texas. When 60 Minutes spoke with him back in 2019, he was a vice president at BlackBerry Cylance. He spoke with 60 Minutes producer Henry Schuster about how to identify phishing emails, saying to look for these signs:
Misspelled words
Strange word choices
Odd links, especially from someone who wouldn't usually send a link
Unusual attachments, especially a zip file or a .exe file
Pace said to be aware of where the email is coming from, and if it appears to be coming from a friend, call the person and ask if they sent an attachment before you open it.
ALWAYS UPDATE YOUR COMPUTER'S SOFTWARE
Pace told 60 Minutes that, when your computer tells you to update software, do it. It's called patching.
Over time, hackers find vulnerabilities within software, such as operating systems, Adobe Reader, and Microsoft Word. Vendors eventually patch those systems with regular updates—so you need to update as well.
THE COVID-19 COMPLICATION
When the pandemic hit, Pace said, that presented a complication for employers whose workforces needed to operate remotely. "There's no way you can properly secure all of those connections, deploy appropriate hardware and software to make that as secure as a centralized network. Companies had two to five year transformation plans that they needed to execute in days to weeks, it was a nightmare."
"BE PREPARED"
In January 2018, a ransomware attack shut down the computer systems at Indiana's Hancock Regional Hospital. The entire network was held hostage until the hospital paid a $55,000 ransom. Its CEO, Steve Long, now warns others about the threat of ransomware.
"Fundamentally good organizational dynamics are what you need," Long told 60 Minutes. "So the things you're trying to do anyway, that's what's going to help you get through this."
To watch Scott Pelley's "60 Minutes" report on ransomware, click here.
The video above was originally published on May 5, 2019. It was edited by Will Croxton.