On April 29th, Colonial Pipeline was hacked by a ransomware attack. The incident shut the entire system down and in turn, led to long gas lines all along the East Coast. On May 30th, another ransomware attack hit a U.S. division of JBS, the world’s largest meat company, causing meat prices across the United States to skyrocket. As gas and meat prices continue to rise across the country, many Americans have become more aware of the importance of cybersecurity. It is therefore good to recognize what hacking is and be informed on how to prevent it.
One common form of hacking, known as Phishing, is an instance when an attacker poses as a trusted entity to a person and attempts to obtain private information such as passwords or credit card information. An example of Phishing could be when a person gets an email from an attacker posing as, say, Best Buy. The fake Best Buy message tells them that their payment information didn’t go through and asks for their password to complete the payment. Once the attacker has their password, they can use it to get into other accounts. These phishing schemes are ever-evolving. One recent form of it has come in the guise of google docs. In this case, an attacker sends a malicious link that looks like a google doc, so the victim assumes that it is safe. As soon as the link is clicked, the victim has their information stolen or is directed to a site that installs malware on their computer.
At the present writing of this article, it is not known what specifically led to the Colonial Pipeline and JBS ransomware hack. However, it is known that the Colonial Pipeline was hacked by just one password that was used to get into an old network that still had access to the Colonial Pipeline system. This means that the whole Colonial Pipeline situation could have been avoided if the old network had multi-factor identification. Multi-factor identification requires a user to give 2 or more pieces of evidence to access their account. If you don’t currently have multi-factor identification on your accounts, Iler Networking and Computing strongly recommends that you get it as soon as possible.
To prevent Phishing attacks, you can also use security software on your computer and set it to update automatically. Backing up your data is a good idea as well. One good rule of thumb to keep in mind if you suspect a Phishing attack is to ask yourself: Do I know the person/company that just contacted me? If not, you should probably delete the message and maybe even report it. If it is an entity you recognize, but the communication seems strange, it would be a good idea to contact the trusted company through already established communication rather than directly replying to the strange message. Iler Networking and Computing also provides security measures and backup services for both individuals and businesses. To find out more information check out: https://iler.com/services/data-security/.