i-Team: Ransomware Attack

Ransomware: it is information superhighway robbery and it could lead cyber criminals to a computer near you.
According to the FBI, the number of ransomware attacks is up 300% from 2015. It’s a global problem local Montgomery County officials are very familiar with following an attack on the county’s computer database last month.
That attack, which encrypted the county’s data, left many of its departments crippled for days unable to fully function.

That meant some people couldn’t get a marriage license or file for homestead exemption on their property taxes.
Since the county’s backup data was also locked down, the county was forced to give in to the attacker’s ransom demands to get its information back.

Chief Information Officer Lou Ialacci is in charge of making sure the chance of it ever happening again is greatly reduced. “I feel very badly that it happened and I sincerely apologize and want to do everything we can to make sure that it doesn’t happen again. I guess the main thing is I cannot guarantee anyone that we’ve not lost information , but I feel quite certain that based on the type of attack this is and reputation of the attackers and all the forensics that’s been done that none of our information has been compromised,” said Ialacci.

The FBI says an average of 4000 ransomware attacks happen every day. The agency says it is a billion dollar a year industry.
Montgomery County still hasn’t pinpointed exactly where the ransomware penetrated its system, but it is working on it with the help of the FBI.

Black Easterling is a computer technician with Montgomery Computer Services.
He says in the last few years ransomware attacks have become more targeted, with health care organizations, government agencies and businesses topping cyber criminals’ wish lists. Easterling explains how ransomware holds data hostage once it’s introduced to a computer network.

“The infection doesn’t appear when it infected it. It goes after non critical files, stuff you probably wouldn’t notice and then it works its way up to bigger game, finds the databases, spreads around your network and before you know it, by the time you realize that there’s an infection; it’s too late,” Easterling says.

And if you don’t have your files properly backed up, it can cost you. $47,000 was the price Montgomery county paid to free up its data.

Even though the FBI is investigating the rasonware attack on Montgomery County, there’s little chance the cyber crooks will be found.

“The way they’re paying the ransom is a decentralized currency and it’s also hard to trace. Anything is traceable if you want to put in the resources, but it’s called Bitcoin and U.Cash are the two top crypto currencies that are involved in this situation,” said Easterling. “Without a lead or without suspicion of these illegal activities, a guy can do a one hit wonder like this and probably get away with it. If he does everything he’s supposed to on his end and covers his tracks.”

Ialacci says it cost the county in the neighborhood of $100,00 to recover from the attack. That’s a revised number from the $280,000 released during a recent county commission meeting.

Ransomware attacks have become so prevalent that businesses and government agencies can now buy cybersecurity insurance policies for it.

Categories: Crime, I-Team, Montgomery Metro, News