Search within:

Cybersecurity careers - Fighting back against ransomware attacks in the U.S.

Rory Ball
December 2, 2021

Ransomware is becoming an essential industry to protect companies, government organizations, and individuals from cybersecurity attacks. In the past year, cyberattacks on companies' network data have increased nearly 80 percent, and security software companies, like Rubrik, Inc., stress now more than ever the need for data protection.  

Ron Minto, ITS '98 graduate and leader of sales engineer at Rubrik, Inc. works with universities, large enterprises, hospital systems, and manufacturing companies that are looking to secure their data and networks. When selling Rubrik’s security software, Minto explains the intricate details of what security software systems do to protect data and make sure what customers are looking for is what Rubrik can offer.

When attacking networks with ransomware, hackers attempt to access private credentials by encrypting data, often enterprise data, and locking files so companies cannot access their own databases, financial information, or medical records. Hackers work to lock databases with encryption keys to block companies from accessing their files. Hackers send ransom notes to companies after encrypting data, and they request hundreds of thousands, even millions of dollars, worth of Bitcoin from companies to reattain their data.

On top of that, if hackers do not receive the ransom, they will keep the data forever and it will be completely gone, resulting in companies losing vital information. If hackers receive the ransom, hackers give companies the key to decrypt the code and access data once again, unless hackers want more money in which they use double extortion. In this situation, hackers not only request a ransom for access to the data, but they higher the ransom and threaten to leak information on the internet. For companies with specific data that they do not want to reach the general public, like plans for a new product, personal health care records, or private conversations, double extortion can be detrimental.

Ransom attacks come from countries that do not have the regulatory and legal systems that the U.S. has, which makes it nearly impossible to request governments to step in. This is prominent in Eastern European countries, like the Czech Republic, Estonia, and Ukraine and larger nations like Russia. In 2016, Russian hackers encrypted and leaked emails from the Democratic National Committee, revealing private conversations and plans regarding the upcoming election.

“Some people think that the government of Russia actually did it,” said Minto. “Other people think it's just some hacking organization that isn't actually technically part of the Russian government, but the Russian government knows what they do and is totally fine with it.”

As hackers continue to use cybersecurity attacks for personal profit, some governments, with few regulations, are also able to benefit from them.  

“[Ransomware] has actually become a cottage industry where there are companies out there that do this for personal profit… [which] allows them to operate with tacit approval,” said Minto. “It's kind of like [governments] pretend like they don't know what is going on, but they'll still take cuts of the ransoms that [hackers] get.”

Dark web cybersecurity resourcing also allows hackers to essentially use private contracting to gain access to data that is difficult to encrypt. They seek out tools on the dark web, sold by private organizations, that help them access, encrypt and collect money from companies they are hacking.

The increasing number of ransom attacks on enterprises and government organizations poses a threat to national security. In May 2021, hackers used the dark web to encrypt Colonial Pipeline’s data network causing gasoline disruptions across the East Coast. This left individuals and companies across the coast without gasoline, unable to conduct trade.

“If [hackers] are attacking our commerce in a similar way [to terrorism] that is not violence, and it is costing millions of dollars, that is also a national security threat,” said Minto. “If [hackers] can stop fossil fuels, then [they] can stop an economy. So, just imagine what else they could do.”

Rubrik, Inc. sells software that provides the last line of protection to protect companies against ransomware attacks. In the case of Colonial Pipeline, they did not have security software to protect themselves from attacks before the 2021 attack so nothing could be done to recover the data. The company was forced to pay the $4.4 million ransom, and Colonial Pipeline then decided to purchase millions of dollars of Rubrik software to protect from attacks in the future.

Hackers’ ability to access U.S. companies’ data networks has increased throughout the pandemic as employees were required to work from home. Without employees present at data centers, hackers had more time to encrypt companies’ data before people could physically pull the plug on data centers.  

“Not only do [hackers] slow down IT organizations’ ability to protect against [ransom attacks], but they are also taking advantage of the fact that people are working from home and there are distractions,” said Minto.

Rubrik and many other software companies have been placing even more security measures for their own employees that protect themselves from hackers. Security measures like third-party verification apps, always using the latest operating systems, multi and two-factor authentications, and one-time passwords are all steps companies and individuals can make to protect themselves from ransom attacks.

The McClure School of Emerging Communication Technologies strives to offer the best academic programs in the IT (Information Technology), the game development and the Virtual Reality/Augmented Reality (VR/AR) industries. Our programs and certificates cover numerous aspects of the rapidly changing industries of information networking, cybersecurity, data privacy, game development, digital animation and the academic side of esports.