RALEIGH, N.C. (WNCN) — Cyberattacks are a growing threat to North Carolina businesses and those of us who live here. As a result, the FBI is trying to educate people about ways to prevent being victimized by those threats. 

The FBI now says cyberattacks are so common, it’s now the agency’s number two crime that its fighting—right behind terrorism.  

Here in North Carolina, the FBI has dedicated two squads, in Charlotte and Raleigh, tasked with dealing with the threat.

Last year, the FBI received a record number of complaints regarding cybercrimes, with over 847,000 in the U.S. saying they were victimized in the FBI’s 2021 Cyber Attack Report.

“They are constantly adapting and frankly it’s hard to keep up with them,” said Robert Wells who is the FBI special agent in Charge of the Charlotte Field Office.

The agency says ransomware, business e-mail phishing schemes, and the criminal use of cryptocurrency were the main culprits totaling almost $7 billion in losses.  

Wells said the threats come from all over the world, including “nation state actors such as China, Russia, Iran and North Korea.”  

The FBI’s list of Most Wanted Cybercriminals reflects the global nature of the threat.

Ransomware is one of the biggest problems for both business and individuals. 

We’re paying ransomware and with the money we’re paying it’s enabling them to become more sophisticated,” said Pete Nicoletti the Chief Info Security Officer at Check Point Software. 

“The FBI does not encourage companies to pay ransom,” said Wells. “Obviously that will encourage other attacks, but we can’t tell a company not to do that.” 

Colonial Pipeline was a firm that paid a ransom to get its system unencrypted. It was lucky because the US Department of Justice was able to recover most of the money they paid out.   

The FBI says it stands a better chance of solving cybercrimes when they are reported quickly. 

In fact, it’s got a special unit called IC3, the Internet Crime Complaint Center, where you can report online.

“We actually saw a 60 percent increase last year when it came to reporting ransomware attacks,” said Wells. 

Supply chain attacks are also gaining the attention of the FBI, which says it is a major concern the agency is trying to address.

No companies are thinking about this,” said Wells. “We talk to them all the time and they’re not thinking about who they are working with.”

Because North Carolina is the home to Research Triangle Park, as well as many bioscience and big tech firms moving here, it’s a target-rich environment for cyber criminals. 

That is why the FBI is trying to alert people to the threat trends and provide people guidance on how to defend themselves. 

Here are some tips it offers for businesses and individuals to protect themselves. 

  • Update and patch operating systems and software. 
  • Implement robust access controls, especially for privileged users. 
  • Monitor security logs. 
  • Audit trusted third parties or others with access to systems and sensitive data. 
  • Require personnel to choose a strong, unique password for each account and use multifactor authentication for as many services as possible. Passwords should be changed regularly. 
  • Educate personnel about phishing schemes to highlight the risks of clicking on suspicious links, opening suspicious attachments, and visiting suspicious websites. 
  • Keep backups of data offline, and regularly test backup and restoration capabilities. Ensure all backup data is encrypted and immutable. 
  • Develop a cybersecurity incident response plan that includes the FBI. If compromised, contact the FBI immediately. 
  • Be aware of signs of compromises such as broken passwords, unexpected pop-ups, slow-running devices, altered system settings, or unexplained online activity.