GSN Aug/Sept Digital Edition

More documents

Recommendations

Info

Cybersecurity and ConvergenceComputer files held hostage by ransomwareare thwarting law enforcementBy Karen Ferrick-RomanAn upstate New York village of lessthan 8,000 people paid the equivalentof nearly $10 per capita last yearto hackers because its computerprograms were held for ransom.Ilion, N.Y., made payments of$300, then $500 to access its ownpayroll, accounting and financialfiles, reports the Associated Press.The AP also says that police in theChicago suburb of Midlothian paida $500 ransom in untraceable bitcoin.In Maine, the Lincoln Countysheriff ’s office paid a $300 ransomto regain access to its computers. Inthis case, the FBI helped to trace thepayment to a Swiss bank account—but could not identify the hackers.Ransomware—malwarethat can freezecomputers and/or stealtheir files—has grownmore prevalent in the lasttwo to three years, saysDr. Jibey Asthappan,assistant professor anddirector of the Universityof New Haven’s nationalsecurity program.While the amounts setDr. Jibey AsthappanUniversity of New Havenfor ransom may be small, the aggregateadds up to losses of billions.Thus far this year alone, Asthappanestimates, $2 billion has been spenton ransomware impacting municipalities,government agencies of alltypes and individuals.Using caution in opening suspiciousor unexpected emails is themost basic prevention. Regardlessof an agency’s size, Asthappan says,each individual employee mustknow the protocols for cybersecurityand must be trained to knowthat emails might have payload. Theauditors who uncovered the Ilionransomware issue cited irregularcomputer protocols: user accountsfor ex-employees that hadn’t beenclosed, generic accounts used bymore than one individualand lack of a recoveryplan for security incidentswith backup data.A few sloppy ransomwarehackers have beencaught, including somein Europe, Asthappansays. But most bad guysare outrunning law enforcement.“It’s not unheardof but we’re not34catching anywhere the amount ofattacks. About 600,000 computershave been held hostage in sixmonths, almost a million computersare held over the year.”Ransomware hackers are good atusing the banking system, Asthappansays. “We have yet to locate oneof these guys to find out what they’rereally making (in ransom), goingthrough Swiss bank accounts.”Asthappan offers ideas for avoidingransomware, starting with thehumans who can thwart firewallsand spam filters: watch where youclick. He also advises creating twosystems: one attached to the internetand one, storing more sensitivedata and backup material, that is notonline—“air gapped.” To go a stepfarther, use a different operatingsystem on the air-gapped system,including now easy-to-use and inexpensiveLinux.He advises: When youget that email, don’t routinely downloadthe attachment—and don’thave the computer automaticallydownload it. Remember that a USBdrive, which also has executable files
(.exe), could also be infected.In many cases, the human user isactually sidestepping protective systems.“The user is actually circumventingthe firewall,” Asthappansays. View the sourceof the email with a simple right click.“At this point, it’s a necessity,” Asthappansays. “I really think that everygovernment employee who hassensitive data needs to know thesethings. Unwittingly, they could beopening up whatever ransomwareor have someone directly extractingfiles from your server. ...This is alittle bit more technical than peopleget in handling their email, but itcould save you a lot of problems.”Faking an internal email addressis difficult, but hackers may use adomain that mimics the legitimateone. Asthappan advises looking atthe email source page to see if theemail came from your own server.This is readable, though all in text. Taking anotherstep, find the IP address andGoogle it to check the domainaffiliation and country of origin.Unless you are expectingan email from Brazil, Nigeria,Russia or China, be wary. Asthappanadvises using a two-network,air gap system, with only informationthat needs to be onthe internet being on the onlinesystem to be shared with customersand other outsiders. Have backupsthat are not going to be infectedby the virus on your computer orharmed by hard drive failure—which Asthappan points out, willeventually happen with every mechanicaldrive at some point. If yoursystem is backed up, you can clearthe virus by wiping out the drive.Reinstall a fresh operating systemand the virus is gone—but so areyour files. The backup, which couldbe an uninfected USB drive, is calledinto action. While most government machineshave a Windows operating system,use a different operating system onthe backup. “Linux has become soeasy to use now, you don’t have tobe a geek to use it,” Asthappan says.Only 3 percent of the entire populationuses Linux, as opposed to millionsof Windows users, so hackerslooking to reach the widest number35of people will write programs forthe world’s most popular program.“They are spreading a wide net,”Asthappan says. “They are doingstandard phishing, sendingout bulk emails. If 1 percent of thepeople who receive the emails clickon them, that’s a great day. Hackersaren’t discriminatory; they wantanybody at all to click on it. Theymay not be targeting files—but wewouldn’t put it past anyone to targetmaybe a police department or anintelligence body. For those withinnational security, we need to bemore vigilant about this.Ransomware hackers also usespearfishing techniques, actuallytargeting people who work within aspecific agency and might be interestedin their email. “That’s when itstarts getting really sophisticated—so that means they know who youare and what information you haveunder your control.”As Comptroller Thomas DiNapolitold AP, “These incidents should bea wake-up call to local governmentofficials around the state. While thedollar amounts were small and novital information was disclosed, thisattack shows how the lack of basicIT safeguards can potentially costtaxpayers and cripple the day-todayoperations of municipalities orschool districts.”
Page 1 and 2: Government Security NewsAUGUST/SEPT
Page 3 and 4: NEWS AND FEATURESDriver arrested af
Page 5 and 6: officials, Ricky Shawatza Hall wasd
Page 7 and 8: city reduced the number of complain
Page 9 and 10: our system is secure with CINCH - t
Page 11 and 12: U.S. MARINE CORPS declares theF-35B
Page 13 and 14: complex weapon system in an operati
Page 15 and 16: Here’s how different the immigrat
Page 17 and 18: DHS Science & Technology Directorat
Page 20 and 21: New from Government Security News:P
Page 22 and 23: Cybersecurity and ConvergenceCloud
Page 24 and 25: Cybersecurity and ConvergenceNew Gu
Page 26 and 27: Cybersecurity and ConvergenceAdvanc
Page 28 and 29: Cybersecurity and Convergencemised.
Page 30 and 31: Cybersecurity and ConvergenceCyber
Page 32 and 33: Cybersecurity and ConvergenceUnited
Page 36 and 37: Cybersecurity and ConvergenceFrom a
Page 38 and 39: Disaster Preparedness and Emergency
Page 46 and 47: Business leaders, elected officials
Page 48 and 49: Protecting data in motion:A look at
Page 50 and 51: DHS Science & Technology Directorat
Page 52: Secure accessto cloud, dataand door

GSN Aug/Sept Digital Edition

Create successful ePaper yourself

Delete template?

Save as template?