Don’t ignore the annoying pop-ups on your computer reminding you to update your software and security system or strengthen your password.
The last thing you would want to happen is to lose all of your work and be forced to pay a ransom fee to hackers to get it back.
It doesn’t matter if you are a large company, a small business, a financial analyst, a student, a writer or anyone else using a computer, it can happen to you, according to a sampling of Berks County experts in the internet technology industry.
Ransomware is a malicious software designed to block access to a computer system. The hackers usually demand to be paid a ransom in bitcoin to release your data.
Ransomware, a form of malware, came to the forefront in May when authorities say hackers from a Russian-based group known as DarkSide gained access to Colonial Pipeline's account and shut down its system.
The pipeline carries 2.5 million barrels of gas, providing 45% of the East Coast supply of diesel, petroleum and jet fuel.
The hacking created a false sense of a shortfall of gasoline, causing panic-buying and price increases in some states for at least 11 days.
The pipeline was closed until CEO Joseph Blount paid a $4.4 million ransom.
On Monday, the U.S. Department of Justice announced that the U.S. recovered $2.3 million in bitcoin paid to the hackers. This was the first time ransomware money was recovered by the Justice Department.
Cashing in
It has happened to businesses in Pennsylvania and Berks, but has not been publicly reported or resulted in criminal charges, said John P. Weidenhammer, president of Weidenhammer Systems, a Wyomissing-based technology company.
“It’s a significant threat, and it can be very expensive and disruptive,” Weidenhammer said. “For some people, it can be like robbing a bank. It’s organized crime. They are in it to make money.”
John Weidenhammer
Weidenhammer said an insurance company in Pennsylvania was hacked with malware and managed to work around the problem without paying the ransom.
Shawn Kramer, chief information officer of Lantek, an IT support company based in Maxatawny Township, said ransomware can attack any system.
“For years, people got viruses on their computers and had to get them fixed,” Kramer said. “Now, the name of the game is money. They will use your data to shut down your system and then ask for money to reopen it.”
Kramer’s company provides education to consumers on how to avoid getting scammed.
He noted there were no significant scams in Berks with hackers using ransomware.
Nevertheless, he said it’s important to be aware that it could happen to anyone, noting that the medical, legal, transportation, and oil industries are all operated by computers.
Kramer said ransomware does not invade your computer overnight.
A ransomware hacker will encrypt files on a host system for several months, then ask to be paid in return for returning the files.
Ransomware hackers tend to go after businesses receiving a lot of emails. They trick users into allowing administrative access to accounts by masquerading as a file they can trust.
Consumers who have weak passwords, poor security and open malware emails that are disguised as email from government organizations or industry peers also can be targets.
“Keep your systems up to date to prevent people from stealing your money,” Kramer said.
Kramer recommends all consumers follow these basic tips:
- Computers companies like Microsoft will never call your house asking you for information.
- Banks and financial institutions will never call your house.
- Do not give out any personal information over the telephone.
- Credit card companies will not contact you by phone to pay your credit card bill.
Officials with Tower Health, based in West Reading with Reading Hospital as its anchor, said the safety and security of computer systems and data necessary to provide health care to patients and the community is of utmost importance.
The hospital does not publicly discuss its cybersecurity practices, but does provide these security recommendations:
- Encourage individuals to never share passwords.
- Never use identifying information like names or birthdays in passwords.
- Remain vigilant when reading and opening emails.
- Do not open emails you are not expecting or do not know where they have come from.
- Never click on links to unknown websites, links that look suspicious or links from an unknown sender.
'Bad actors'
Malware has become the weapon of choice for criminals seeking to destroy businesses.
The hackers are typically based in countries that do not have strong relationships with the U.S.
The hackers will request ransom money to return the data necessary to operate your business.
Anthony Cartolaro Jr., vice president of Weidenhammer’s digital platform division, said that if a ransomware hacker is from a country that does not have strong relations with the United States, the hacker will not be extradited for prosecution.
Cartolaro said there have been situations in which hackers broke into lists of schoolchildren who are provided with government subsidized lunches, resulting in children not being fed lunches.
“There are bad actors interrupting the operation of a company,” he said.
Cartolaro said those who are hacking the systems are aware people are working at home and are adjusting their way of hacking into systems.
“No one is immune,” Cartolaro said. “Companies are becoming more vigilant.”
Berks County District Attorney John T. Adams said his office employs computer forensic specialists, but the perpetrators of ransomware crimes are investigated by the FBI.
Back it up
The ransomware hacking is nothing new, but has become more high profile.
David, who owns a company with offices in Berks and Lehigh counties, said that his computer system was hacked by ransomware in 2011. He declined to provide his last name and the name of the company to avoid issues associated with the hacking.
He said his company did not pay the ransom because it had saved its data on a backup system at an off-site location.
He said he had a firewall and other security measures built into the system. His employees receive computer security training provided by Lantek.
The problem, he said, is there are no ramifications against the hackers.
“They are hijacking information,” he said. “It’s an easy way to get money.”
He recommends backing up all of your data in another system.
Fred Prutzman, IT manager for the Reading Housing Authority, said the authority’s 76 employees receive cybersecurity training from Lantek.
Prutzman said the authority’s security system includes a firewall to prevent hackers from breaking into the system.
“We tell our employees not to open email that is not part of the authority’s email system.” Prutzman said. “We deal with very sensitive information.”
Gloss