PROVIDENCE, R.I. (WPRI) — While the pandemic upended many aspects of our lives, it also led to an increase in cybercrime, according to local cybersecurity experts.
The internet is a tool many of us can’t live without, but if it’s left unprotected, it can bring our world to a screeching halt.
In just the past few months, the U.S. has experienced some of the biggest cyberattacks in history, from production being disrupted at the nation’s largest beef processing plant to a major gas pipeline getting shut down.
“A cyberattack is an intentional act conducted by one or more cybercriminals to steal data, extort money, disable networks, or interrupt normal business processes,” explained Nicholas Tella, an adjunct professor and the director of information security at Johnson and Wales University.
Other cases involve ransomware, in which criminals hack into a computer system, take control of data and hold it hostage.
“It puts a password on it and encrypts it, and the only way you can ‘unlock’ your file is knowing that password or that special key,” Compass IT Compliance VP of cybersecurity Jesse Roberts said, adding that anyone could be at risk.
“Small, medium businesses, large businesses. Anywhere where [cybercriminals] can find their way in, they’re getting in,” Roberts continued.
According to Tella, the pandemic gave rise to an uptick in cyberattacks.
“Since COVID the past year and a half, we’ve essentially moved from an in-housework environment to a remote work environment that’s just increased the risks for vulnerabilities to be exposed,” Tella explained. “If your network at work has all the security precautions in place, by then making it accessible from the outside, you’re opening up several doors to your network.”
In 2019, at least seven cities and towns in Rhode Island fell victim to ransomware attacks, and data from an FBI cybercrime report showed there were six similar crimes the following year.
Worldwide, ransomware attacks have gone up 93% over the past year, according to Check Point research.
“The biggest targets now are supply chain, transportation,” Tella said. “You take down transportation, you’re going to affect a lot of things. Some of it can be tremendous economic impact to our society.”
Tella said greed is often at the center of these crimes.
“They want to make money. It’s easy money. It’s untraceable,” Tella explained.
However, the motivation could also be political, according to Roberts. He said many of these cyberattacks originate from Eastern European nations, and just last week, the Biden administration said it would not hold back when responding to attacks from Russia and China.
While the FBI doesn’t support paying ransom to cybercriminals since it encourages more attacks to happen, Tella said it’s cheaper in most cases to fork over the money to recover the encrypted data, citing an attack on Atlanta several years back.
“The ransom was $50,000. They refused to pay it, and it ended up costing them over $20 million to restore the data,” Tella recalled.
Roberts said about 90% of cyberattacks originate from “phishing emails.”
“Phishing is a social engineering attack using fraudulent communications appearing to come from a trusted source,” Tella explained. “Its goal is to steal sensitive information or trick people into installing malware. This occurs when users click links and attachments that install harmful malware.”
Roberts explained how to spot such an email.
“Be aware. Look for malformed links, take a look at the email and look for misspellings in the email itself and improper grammar,” he said.
Informing workers about phishing emails through proper training is key in preventing from someone clicking an unsafe link, according to Tella.
“You can have millions of dollars in security tools in place, and all you need is one person to click on that phishing email and that’s all out the door,” he added.
He also said it’s crucial for companies to be prepared in case they’re hit with a cyberattack.
“You have to have proper contingency, planning in place, on how to respond to one of these events,” Tella said. “The biggest thing is preparation and how to respond.”
According to Roberts, companies and municipalities can protect their data by having “defense in layers through enhanced detection response.”
“What ends up happening is if they’re not secured properly with two-factor authentication – good passwords, private keys – attackers can just run scripts to find these open ports and get into the system that way,” he explained. “You want to look into getting your systems evaluated, especially those external facing systems that allow some level of remote access, just to make sure there’s no security weaknesses in those that would allow somebody in.”
“We’ve known for over a decade that critical infrastructure was the top target of cybercriminals,” U.S. Sen. Sheldon Whitehouse said.
After the recent cyberattacks across the nation, Whitehouse joined other lawmakers on Capitol Hill to introduce two bills to Congress: the International Cybercrime Prevention Act of 2021 and a bipartisan bill that would allow private sectors “to take actions to protect their operations in response to cyberattacks.”
While some regulations, according to Tella, have been based upon protecting our personal data, he said it’s time to put regulations in place to protect computer networks from “threat actors.”
“I think that right now the federal government is looking at it at more from an offensive perspective: ‘what can we do to these countries that are allowing these criminals to operate?'” Tella said. “I think what also needs to be done is: ‘how we can then properly defend ourselves by mandating these security controls to be put in place in these sectors that really don’t have any regulations that tell them what they have to do?”