FORT WORTH (CBSDFW.COM) – We locked down. We masked up. And we worked from home.
But, while we did everything we could protect our health, most all of us exposed ourselves to another type of viruses- cybercrime.
“This is all happening because someone like me is working from home?”
The CBS 11 I-Team asked this question to Matthew DeSarno, the Special Agent in Charge of the Federal Bureau of Investigation in North Texas.
He discussed ransomware with the I-Team.
DeSarno says it’s the “the biggest single issue in the cybercriminal world right now.”
According to the FBI’s internet crime report, complaints rose 69% from 2019 to 2020. Money loss jumped around $700 million, from $3.5 billion to $4.2 billion.
DID THE PANDEMIC CAUSE THIS?
“What the pandemic did was create an environment where networks, corporate and or government networks or education systems networks that were relatively well controlled in centralized locations on company equipment became decentralized,” says DeSarno.
More and more equipment began connecting from homes, hooking into networks, and creating vulnerabilities for us individually.
It then exposed major networks nationwide.
“The largest of ransomware attacks are typically businesses, municipalities, municipal governments, hospitals, school systems.” DeSarno says first cyber thieves demand money.
“The idea is just like a kidnapping for ransom.”
Next, the bad actors often raise the stakes threatening to leak sensitive information or worse.
The I-Team asked, “Is the fear the hospital lights go out and the power is shut down?” DeSarno says, “Yes.”
Desarno would not discuss specific cases, but he says this is happening all the nation and all over his jurisdiction in North Texas.
WHO AND WHAT GOT HACKED?
In Florida, A hacker tapped into a water supply system threatening to poison it days before the 2021 Super Bowl.
Boston parents panicked as a school suddenly locked its doors. Shutting down email and turning off the phones, the cybercriminal held the system hostage.
The University of Colorado in Denver is one of many universities nationwide that was targeted by cyber thieves trying to extort students and the schools. Stanford University, the University of Maryland and the University of Miami reportedly also faced similar hacks.
Here in Texas, dozens of smaller municipalities struggled with ransomware attacks. Cyber thieves told mayors of places such as Keene to pay millions or you’ll be shut down and your private information will be made public. A spokesperson for the Texas Department of Information Resources tells the I-Team the investigation is ongoing but “no ransom was paid.”
The FBI says fear of the possibilities and concerns over branding cause corporations to keep quiet. Federal agents want victims to come forward and begin working with them immediately.
The Office of Court Administration sent out a statement saying the Texas court system suffered a “serious security” breach during a ransomware attack.
Texas-based The Sewell Family of Companies used its website to warn customers of a data security breach. The warning is no longer on Sewell’s website.
Dallas-based healthcare provider ProPath announced a bad actor accessed email accounts which may have exposed names, birthdates, medical information and social security numbers.
HOW DOES IT HAPPEN?
“The ransomware actors get into the networks…through simple mistakes by us like clicking on attachments,” says DeSarno.
According to the 2021 Webroot Bright Cloud, in March of 2020, malicious emails with “zoom” in their names spiked 2000% in one month.
CAN YOU DO?
—Look closely at the address of incoming emails. You may think you know the person but it could be off by one or two letters.
—Simply do not open attachments or links from sources you can’t verify.
—Do not post meeting notifications on public sites.
—Require passwords to enter online meetings.
—Always use two-factor authentication.
—And, install all anti-virus updates.
And here’s one more reason to be careful and be aware.
Your employer may be testing you.
Many companies are sending test emails just to see which employees click on suspicious links.
If you receive a ransomware threat, the FBI says your first call should be to federal agents.