Ransomware is infiltrating the internet at every turn; how to protect yourself, your business

HONOLULU (KHON2) — Ransomware is not new; but in 2023, it has taken center stage in internet security warnings.

“Ransomware is a type of malicious software, or malware, designed to deny a user access to a computer system or computer files until a ransom, typically cryptocurrency, has been paid,” said the U.S. Army Command. “Ransomware uses encryption to hold the data hostage and requires a decryption key before a user is granted access.”

Hence, if you do not pay the ransom that is requested, you will be made vulnerable to any number of retaliatory methods.

On Jan. 26, the Associated Press reported that the FBI along with international partners temporarily disrupted the network of a prolific ransomware gang. Attorney General Merrick Garland and other U.S. officials told AP that the group was infiltrated in 2022.

The operation potentially saved victims, including hospitals and school districts, an estimated $130 million in ransom payments Attorney General Merrick Garland and other U.S. officials announced Thursday.

The AP reported that on Feb. 17, the United States Marshal’s Service was hit by a major breach. In this instance, The USMS’s computer system was compromised, allowing hackers to steal sensitive and personally identifiable data about agency employees and targets of USMS investigations.

The hack was reported to have been disconnected from the network after the breach had occurred and after data was stolen.

“The Justice Department determined it was a major incident and opened an investigation as the Marshals work ‘swiftly and effectively’, to tamp down any risks associated with the breach,” said agency spokesman, Drew Wade.

Following this attack, the AP reported that On June 15, the Department of Energy and several other federal agencies had been hacked by a Russian cyber-extortion gang. This gang was operating a global hack of a file-transfer programs that are popular with corporations and governments.

As Homeland Security did not believe this instance would be a major issue, there were hundreds of victims who saw this as serious, including everything from industry to higher education.

Then on July 4, AP reported that there were confidential documents stolen from schools and dumped online by ransomware gangs. The AP described the files as “raw, intimate and graphic”.

The files that were leaked online were identified as containing information on student sexual assaults, psychiatric hospitalizations, abusive parents, truancy and suicide attempts along with employee medical records, discrimination complaints, Social Security numbers and contact information of district employees.

These breaches seem distant, but ransomware is also entering into the lives of civilians. Our keiki and kūpuna are the most vulnerable, but we’re all capable of being targeted.

“Many of us know family members who have been victimized by these cyber schemes. Kūpuna are most susceptible to tech support scams as well as those involving free prizes, sweepstakes and lotteries,” said Al Ogata, president and CEO of CyberHawaii.

He went on to explain further.

“Kūpuna may be more trusting and willing to receive help from a tech support person they may not know and may be more likely to participate in phony games of chance with the fruits of their labor. Unfortunately, older adults who are scammed tend to lose more money than their younger counterparts — sometimes their hard-earned savings,” added Ogata.

The National Cyber Security Alliance provided KHON2.com with some information that can help you avoid being targeted and falling victim to ransomware schemes:

• Always use antivirus software and a firewall: Protect your computer (and your cell phone) by using antivirus software and a firewall from a reputable company.
• Do not click on links received from unfamiliar sources. Even if you think you know the sender, it can still be a scam. So, be cautious about clicking on email links. When in doubt, it is advised to delete it. Be especially wary of messages requiring you to act quickly, asking for personal information or threatening you in any way.
• Keep your laptops, desktops, notebooks and phones clean. Stay up-to-date with software and security apps. Prevent infections by updating critical software as soon as patches or new operating system versions are available. This includes mobile, Wi-Fi and other internet-connected devices.
• Use strong authentication procedures that can weed out potential attackers. By requiring more than a username and password to access accounts, you can significantly increase your security. This is especially true for critical networks so as to prevent access through stolen or hacked credentials.
• Conduct regular backups of all your systems: Systems can be restored in cases of ransomware and having a current backup of all data speeds the recovery process.
• Make the move to create better, stronger passwords: In cases where passwords are still used, require long, strong, and unique passwords to better harden accounts against intrusions.
• Enable popup blockers: Popups are regularly used by scammers to spread malware. Prevent them from appearing in the first place by adjusting your browser settings.
• Most importantly, be skeptical: Don’t click on email links or open attachments you don’t recognize and avoid going to suspicious websites.

So, as you make your way through the internet each, remember that you are not alone. There is always someone out there waiting for you to click on that link…