Some people keep saying that the next war will be fought online, and the events happening every day in the cyber space keep bringing us closer to that uncertain reality. Of late, Ransomware has been a major threat to both target individuals and important, multi-billion dollar installations. Now, a US natural gas installation has been hit.
Although the US DHS (Department of Homeland Security) hasn’t disclosed the name of the facility hit, it’s pretty clear that the situation serious given that it’s a gas facility and that it’s been shut down for 2 days to give space to deal with the attack.
How Did It Get In?
One of the issues troubling a lot of people is in understanding how such malicious software could have infiltrated a secured facility. For one, there’s the aspect of human error. It’s said that the most secured network can be breached because of a single mistake by a single person. That’s exactly what happened with this facility.
Apparently, a hacker sent a crafty link to one of the employees working in the facility. The link contained a “payload” that was then executed after the link was clicked and started spreading to rest of the facility’s internal network. Normally, the office computers at the facility are not connected to the pipeline network. However, on this fateful day, they were connected. That was another vulnerability that let the Ransomware spread even further.
How Ransomware Works
Basically, as the name itself suggests, a Ransomware is aimed at extracting a form of ransom (usually monetary) from the owner of the compromised computer. When executed, the malicious software encrypts the files on the compromised computer. The hacker then demands a ransom payment in exchange for the decrypting of the now inaccessible computer files.
This is not the first time a big corporation has been hit with a Ransomware attack. In 2019, a town named Lake City in Florida ended up paying up $1.1 million to hackers after the municipality was attacked with a similar ransomware. In early January, hackers demanded a ransom payment of $14 million after deploying a ransomware at a US maritime facility and kept the base offline for 30 hours.
How To Prepare Against A Ransonware Attack
Cyber attacks may be hard to fend off, but they’re not impossible. There are a few steps that an organization or individuals can take to prevent or at least minimize the damages caused by a ransomware attack.
Employees should be trained on emergency decision-making in case of such an attack. Also, the personnel manning computers should be trained on how such attacks happen. For example, they should avoid opening email attachments or clicking on strange links sent to them by strangers. The software patches on computers should be up-to-date. Also, there should be a back up of the all the important computer files kept in offline storage like an external hard disk.