Alexis Lindenfelser

The Next Threat: Ransomware

While the rest of us embarked on new hobbies, binged Netflix or YouTube, and lived in sweatpants, it seems like the hackers have been polishing up their software-stealing skills during the pandemic…


Recently, the number of ransomware attacks has increased both in prevalence and significance. A ransomware attack is when a cybercriminal hijacks a large corporation’s computer systems, accesses sensitive data, locks out the owners, and demands a hefty price for their safe return. During the pandemic, much of our lives became digital (such as Zoom school) and more technology was integrated into our lives, which made hackers more able to disrupt our everyday lives by taking advantage of our computer systems. For instance, a ransomware attack on the Baltimore County Public School System last fall forced them to halt their virtual classes for two days. Ransomware attacks on hospitals and medical providers can cause them to lose access to medical records, delay the production of critical medicines like vaccines and insulin, and make it difficult for ambulances to reach people in need. In these cases, ransomware attacks can be life-threatening.


The attacks are impacting not just large corporations and government agencies, but also the everyday people who rely on those services. The increased use of technology, cryptocurrencies like Bitcoin, and the integration of more access points into the computer systems of large corporations have all made them more vulnerable to ransomware attacks. Ransomware hackers, often sharing resources and tips in loosely defined groups, may also make copies of the information they steal and threaten to leak private information (like credit card numbers) if they are not paid. Even if companies have backup copies of their systems to restore them, hackers can delete those backup copies or use the imposing threat of sensitive data leaks to make it impossible for companies to avoid paying the ransom and escape the clutches of the attackers. Moreover, these faceless criminals are hard to catch, since they usually demand their ransoms be paid in Bitcoin, which is largely untraceable. This leaves victims with a difficult choice: pay up, get the data back and make some hacker incredibly rich and empowered to attack someone else, or start over, reenter all the data, or go back to paper logging, and put people’s time and lives at risk.


A prime and frightening example of how ransomware attacks can derail society is the attack on the Colonial Pipeline (America’s largest fuel pipeline, which serves much of the eastern United States) that occurred in late April and May of this year.

When the Colonial Pipeline was hacked and their billing system compromised, they shut down their pipelines in an effort to take their systems offline and prevent the hackers from accessing other parts of the network. The shutdown of the company resulted in shortages of gasoline, spiking gas prices, hoarding, and panic buying. Many believe this serves as a ‘wake-up call’ for other national utilities like water, nuclear and electrical grids to step up the security of their digital systems to reduce their vulnerability to ransomware attacks. President Biden is ushering in this change by signing an executive order to strengthen the government’s cyber defenses. He hopes that businesses in the private sector will also take action to protect themselves against ransomware attacks, such as having their employees change their passwords frequently, requiring two-factor authentication, using Artificial Intelligence (AI) to identify patterns of suspicious actions on the network, and monitoring their systems constantly on the assumption that at some point, there will be a breach.


As for the Colonial Pipeline attack, the FBI has confirmed that a private group known as DarkSide, which is believed to be operating from Russia (their online communications are in Russian), was largely responsible for the attack. Allegedly, they hacked into the Colonial Pipeline’s system using a single employee’s credentials and a virtual private network (VPN) to gain access. Russian authorities do not actively pursue privately operating (not state-sponsored) cybercriminals who attack other countries. President Biden will be meeting with Russian President Vladimir Putin in Geneva two weeks from now and says he will bring up the cyberattacks.

