OKLAHOMA CITY (KFOR) – A digital war’s being waged, and your personal info is often the target. Ransomware hacks are on the rise across our state, but experts have tips so business’s can stay a step ahead.
It’s a scam that’s gaining an Oklahoma foothold, bringing Sooner cities and businesses to their knees at times.
Just this week, Tulsa Chief Information Officer Michael Dellinger updated the public on a ransomware hack with city files.
“Out of an abundance of caution, residents who have interactions with the city prior to May 8th are asked to monitor their financial accounts and credit reports,” Dellinger said during a press conference.
Seemingly every sector of the state though is vulnerable. Lucky Star Casinos revealed this week, they too were targeted.
More and more often, outside actors are hacking into files and holding personal records hostage for a fee.
Cybersecurity expert Geoff Wilson, with Go Security Pro, says as businesses coast to coast pay their way out of the mess, they’re making the problem worse.
“These bad actors are going after organizations and individuals that can pay the ransom, and they’re doing it rather successfully,” he explained. “It’s like a snowball. Ransomware is gaining steam because every organization that pays the ransom is actually funding this organized crime scheme. So they constantly improve and become more sophisticated over time.”
Geoff and his company help businesses plan for such an event.
“The worst time to invent a response plan is during the incident itself,” Geoff added. “So before you have the incident, making sure you have those processes and plans in place.”
He says businesses should consider:
- Multi-factor authentication
- Keeping more vulnerable information away from network connections
- Train employees on how to identify phishing emails/websites
- Maybe most importantly, backing up all data in a secondary location
“Having good backups,” Geoff said. “Having your backups isolated so that the ransomware does not encrypt your backups also.”
Should your organization fall prey, you should contact a cyber security pro, and the FBI.
Understand that you will likely need to make critical decisions on the compromised information.
“If you talk to the FBI, they’ll say ‘never pay the ransom’. But they understand if businesses have to pay the ransom in order to get critical data back,” Geoff said. “How much is that data worth to you? Can you recreate it? Can you live life without it?”
Should you need, there are cyber insurance groups who help navigate you through the process.
“They bring in other experts, like a legal team, forensic team to analyze the network. There’s other organizations that negotiate the ransom, and actually pay the bitcoin,” said Geoff. “Cause most organizations don’t have bitcoin to just pay ransom.”