Scott Pelley from 60 Minutes asked, “Can all companies and local governments expect to be attacked?” The FBI's Mike Christman thinks everyone should expect to be attacked by cybercriminals.
Tom Pace runs NetRise, a cyber-security firm, demonstrated a website that offers ransomware for rent. An attacker can use one of many illicit products there and the website takes a cut if a ransom is paid. It is off the shelf and ready to use. A person does not have to write any code. The hackers often extort in two ways. First is encrypting all their files. Second is threatening to release all their clients and customers confidential data to the public.
Hancock Regional Hospital CEO, Steve Long used to say, "Oh, those poor folks. I'm glad that's never going to happen to us." But, in fact, hackers encrypted every file that Hancock Regional Hospital had on their computers and network.
The city of Leeds, Alabama may have been hit by one of the ransomware variations that scan the internet, blindly, looking for vulnerable networks. Conservatively thousands to tens of thousands of targets are scanned and attacked at a time.
Christman says in 2017, 1,700 successful ransomware attacks were reported but he figures that's less than half. Most businesses, he says, would rather pay than admit they were hacked. Mike Christman: I'm aware of one ransomware variant that affected all 50 states that had some $30 million in losses, and over $6 million in ransom payments. I would tell you that the losses are very significant, and easily approach a hundred million dollars or more just in the United States.
The FBI says Colonial Pipeline and JBS, the meat processing company, were each hacked using ransomware for rent -- from two Russian-based groups. Following is the URL for the 60 Minutes article: How cybercriminals hold data hostage... https://www.cbsnews.com/news/ransomware-cyberattacks-60-minutes-2021-06-06/