Inside a ransomware attack: like 'giving keys to kingdom'
AUGUSTA (WFXG) -- Cybercrime costs companies and individuals trillions of dollars every year.
And the Georgia Cyber Center exists to help fight the growing problem.
“You receive the email, and it looks official, it sounds official and you take whatever action they’re wanting you to take through the email,” said Steve Foster, a special agent in charge for the Georgia Bureau of Investigation at the Georgia Cyber Center. “Basically, it’s a standard old con job.”
The days of trust on the internet are becoming obsolete. Cybercrime like ransomware is compromising trillions of dollars’ worth of data every year.
“Ransomware is the intrusions,” said Foster. “The traditional hacking only makes up about 8 percent of cybercrime. The rest is we’re giving them the keys to the kingdom.”
Most of the time the locks are solid, but sometimes something as simple as somebody working from home on an unsecured server can breach the integrity of the whole structure.
“Somebody gets in there with bad code to company A and it spreads to Company B, C and D, and it’s through the corporate network and infects them all,” said Kris Anderson, the chief engineer at WFXG. “Once somebody gets inside the kingdom, they’re free to roam around.”
To simplify what happened: a hacker got into our system and encrypted many of our files. We saw a ransomware message, with an email based out of Switzerland, about an hour into our morning newscast.
“You really get back to the basics just to stay operational,” said Anderson.
With the teleprompter down for the 10 count and a cornucopia of corrupted files, putting a newscast on the air became a Herculean challenge.
“And that’s where we had to get very inventive,” said Anderson. “We had to start trying to fix things with wire and bubblegum.”
If you want to imagine it another way: It’s like if you left your house to go grocery shopping, and when you came back all of your stuff was gone. You can get it back, but they want you to pay to do it.
“(It’s like) a worm, a virus spreading through the system. It doesn’t necessarily hit all parts of it at once,” said Anderson. “It’s finding pathways that it hasn’t yet unlocked and it just keeps probing.”
So, our company isn’t alone. About 92 percent of all cybercrime starts with an email. It’s why the Georgia Cyber Center is stressing collaboration to figure out how to slow, and eventually stop, the criminals.
“Us working here gives us the opportunity to work with experts from private industry, from academia, the military to be able to share experiences and tools that we may be able to use,” said Foster. “They may use it for one thing, but we’re able to use it to investigate cybercrime.”
In the last two years, the cyber center has doubled its staffing and continued to add to its creative energy. As criminals become more sophisticated, the cyber center is setting more ambitious goals to continue defending America.
“We’re very reactive now and we want to become more proactive, so we’re able to catch crimes as they happen instead of reacting after the fact, and trying to play catch up,” said Foster.
One of the easiest ways to ensure you stay safe is to use one-time passwords (OTPs) or a second step of verification for everything, like having a code sent to your cell phone when you log in to devices. That way you’re making it that much more difficult for criminals to get into your files.
Copyright 2020 WFXG. All rights reserved.