By Steven J.J. Weisman
BOSTON — It is being reported by Jerry Del Colliano that radio giant Entercom has suffered its second major cyberattack in the last three months. The attack which occurred over the weekend appears to be another ransomware attack. In a September ransomware attack, it was reported that the hackers demanded a ransom of $500,000 to return control of affected systems which included email, phones, production, billing, and other crucial systems. These ransomware attacks are not isolated incidents. In the last year, other major radio companies including Townsquare Media and Radio One were hit with similar ransomware attacks, as were numerous smaller radio stations. You are never too big or too small to be a victim of a ransomware attack.
Ransomware is the name for malware that once installed on a computer, most often unwittingly through clicking on links in spear phishing emails, encrypts all of the targeted victim’s data and spreads throughout the computer network. The cybercriminal sending the ransomware then threatens to destroy the data unless a bounty is paid, generally in the form of Bitcoin or some other cryptocurrency.
Spear phishing emails are phishing emails that have been specifically tailored through a process called social engineering to appear legitimate in an attempt to lure the intended victim into clicking on a link in the email and downloading the dangerous malware.
Ransomware is also spread by what is referred to as drive-by downloading which occurs when someone unknowingly visits an infected website which automatically downloads the malware without the victim being aware of the incursion. Often ransomware and other forms of malware, such as keystroke logging malware that can lead to all of your sensitive data being stolen, are unwittingly downloaded by employees surfing the Internet for pornography or video games. In fact, 40% of all free pornography is viewed at work on company computers. Cybercriminals are aware of this and exploit this fact.
In 2017 two major ransomware attacks occurred that affected millions of computers around the world. These were the infamous WannaCry and Peta ransomware attacks. Later, the city government of Atlanta became a victim of a major ransomware attack. Since that time, numerous cities, hospitals, businesses, and companies have been hit with ransomware attacks. In its 2019 Verizon Data Breach Report that gathered data from 65 countries, Verizon found that ransomware — only the 22nd most common malware deployed in 2014 — is now the second most common malware used in attacks by cybercriminals.
A major reason for the increase in ransomware attacks is due to the new business model used by sophisticated cybercriminals who develop the intricate ransomware programs. Instead of merely deploying the malware themselves, they are now selling or leasing the use of their malware, along with tech support, on the Dark Web to less sophisticated cybercriminals. The Dark Web is a special part of the Internet where criminals buy and sell goods and services. It is expected that ransomware attacks will continue to increase throughout 2020.
So how do you protect yourself from these inevitable attacks?
First, you recognize that regardless of how good your computer security software is, it will always be at least 30 days behind the latest zero-day defect ransomware malware for which there have not yet been developed defenses.
A good defense of your data is to have a data backup and recovery plan for all critical information that includes backing up all of your data in two different formats, with one off site. You also may wish to consider using application whitelisting that will prevent malicious software and any unapproved program from being downloaded. Application whitelisting only allows previously approved programs to run or be downloaded, thereby blocking malware.
Even though your security software will not protect you from the latest zero-day defect ransomware, many ransomware attacks have occurred using older versions of ransomware for which defenses have already been developed. Use a strong security software system and do not delay in installing all security updates as they are issued.
People are most often the weakest link when it comes to security. Every company should make a real commitment to security awareness. All companies should be continually training their employees in proper security practices and limiting access by employees to sensitive data to only those employees who need to have such access. Ransomware and other malware attacks constitute a major threat to your business on many levels including the theft of personal information of your employees that can be used for a variety of criminal purposes. Ongoing cybersecurity efforts must be a high priority for us all. In the future I will write about more ways you can protect your cybersecurity.
Steven J.J. Weisman is a practicing attorney, legal editor for TALKERS magazine, a professor of Media Law at Bentley University in Waltham, Massachusetts and publisher of the website www.scamicide.com. He can be e-mailed at: firstname.lastname@example.org. Steven J.J. Weisman is available as a guest to discuss legal matters and the subjects of identity theft and scams.