Scott Pierce, a Connecticut State Police detective assigned to the FBI Task Force in New Haven, warns that the proliferation of high-tech devices has created new opportunities for cybercriminals to engage in digital crimes.
“With all of this technology and convenience also comes a new set of problems. We”™re more vulnerable than ever before, and more of our personal information is being unintentionally made available to these criminals.”
Pierce identified ransomware as the fastest growing cyberthreat being tracked by law enforcement, during a recent webinar “Protect What”™s Yours: Tales from the Front Lines of Cyber Defense,” sponsored by Bridgeport-based People”™s United Advisors.
He cited a recent case involving an unnamed Connecticut company that became the victim of this high-tech assault.
“Picture a midsize construction services business that does $50 million or so in revenue each year,” he said. “The employees arrived to work one morning and discovered all of their computers are encrypted. On all the screens is a message in broken English that demands a ransom to unlock their files. They”™ve lost access to their entire system ”“ the customer database, billing, employee information, their entire network, their email server, even their phone system is down.”
Pierce said the company”™s executives contacted the criminals behind this attack, who demanded a $1 million ransom to unlock the computers. The company negotiated the ransom down to $250,000 to get their systems back, something that Pierce did not endorse.
“Obviously, my default answer is to never pay the ransom,” he said. “Because if you do, you’re perpetuating the problem and essentially rewarding the criminal behavior going forward. And there”™s no guarantee that the criminals won’t reinfect your system ”“ we regularly see organizations get hit more than once because they still have access and they”™re attempting to extort them for more money.”
Complicating matters, Pierce said, is knowing that ransomware criminals are also stealing data before they encrypt it, often threatening to publish the information on dark web forums and marketplaces if they don’t receive the payment. As a result, the companies that receive a ransomware attack need to notify their vendors, customers and employees that confidential data has been breached.
“The economic cost is much more than just the ransom payment,” Pierce said. “It could be multiple weeks or months of lost revenue, potentially a large payment to the criminals, hundreds of thousands of dollars to rebuild your network and computers from scratch. And then, most importantly, your reputation takes a huge hit, going forward.”
Pierce said it took this particular company “about three weeks to get back online, and then they’re still recovering months later, still upgrading their computer systems and still making sure that they’re doing everything properly going forward. It”™s a long process.”
Donald Codling, a retired FBI officer who was a cyberteam leader at the agency, also addressed the webinar by echoing Pierce”™s concerns that expanded digital connectivity is making work easier for cybercriminals.
“There are so many ways into people”™s digital lives now,” said Codling, the owner of the cybersecurity and data privacy firm Codling Group International. “It can be their smartphones, it can be their smart thermometers, it can be the smart door locks. Think of your house: You used to have a front door, back door and 10 windows, but now you have 500 doors and 1,000 windows.”
Codling defined this situation as “digital exhaust,” where all of the data created on any device leaves a residue stream across cyberspace that can be located and exploited by increasingly sophisticated cybercriminals. Codling cited an example within the Riverside section of Greenwich where he was able to sweep up the digital exhaust of a business.
“In about seven minutes, by going through a couple of different websites, I was able to determine what looked like an art dealer or an art gallery that had a data breach,” he said. “Those records were spilled out onto a publicly accessible dark web form. I figured out that a certain individual had bought a piece of art in excess of $100,000, and I had the personal assistant”™s name and telephone number attached to that sale.
“Knowing where to go,” Codling continued, “I didn’t have to pay anything. Now, I had a rich target to go after if I”™m a criminal.”
Another area of digital exhaust identified by Codling involved money transfer and payment apps.
“One of the ways those apps make money is by selling your data,” he said. “They are aggregating your data and selling it someplace, which adds to your digital exhaust stream. I would always stick with a well-known like Venmo and other brands or stick with a bank’s person-to-person system.”
And with the holiday shopping season now in motion, Codling added that e-commerce customers need to be extra.
“One, make sure that you”™re on the right site,” he said. “If you mistype the URL, you might just wind up in a scammer”™s lap. Second ”“ and this applies to not only retailers but any other websites you rely on ”“ if you get an email telling you that something”™s wrong with your account and you need to verify information with them, delete that email immediately. It”™s almost surely a scam, and one that will surface in force during the holiday shopping season. If you have questions about one of your accounts, go to the appropriate website, not via an unsolicited email that purports to be from the company.”
