Practice good ‘cyber hygiene’ to avoid ransomware attacks, expert says

Investigators

RALEIGH, N.C. (WNCN) – Your personal information could be for sale on the dark web after an ongoing data breach in Chatham County.

The ransomware attack is not the first for a municipality in North Carolina and it has federal and state officials on edge because they fear it will happen again.

The attack was perpetrated by a piece of ransomware they call Doppelpaymer.

Networks all over the world serving 911 call centers, health care and educational institutions have all been compromised by the ransomware.

The problem became so pervasive world-wide that back in December that the FBI issued a warning saying the virus would not only attack computer networks, but that individual victims could have their data stolen from those networks and have it posted to the dark web.

The cybercrooks behind the Chatham County attack demanded a $2.4 million ransom, which the county refused to pay.

“It’s basically extortion,” said cybersecurity expert Craig Petronella of the Petronella Technology Group.

Here’s how it works:

Dopplepaymer enters a computer system as a phishing email containing a malware link that someone clicks.

Once unleashed it disables the system’s antivirus software then changes everyone’s passwords to lock users out.

That renders the host computer inoperable as the malware rapidly spreads throughout the network shutting it down and allowing the criminals to access all the data they want.

Chatham County’s servers were infected October 28 and it’s taken until now get most of the system back in operation.

Security experts say it didn’t have to happen.

“Why didn’t a big municipality like Chatham County have a security risk assessment done to assess their systems and identify the weaknesses?” said Petronella.

Petronella also says proper off-site data backup could have also prevented much of the turmoil the county underwent.

When Chatham County’s system was breached, lots of private information about people went to the dark web.

Petronella said those victims what have to do is monitor their identity and monitor activities online.

“Make sure you’re practicing good cyber hygiene,” he said.

You can do that by:

  • Not opening unverified emails
  • Creating multiple backup copies of your data and store it elsewhere
  • Use strong passwords like phrases only you would know
  • Use two-factor authentication when going online

Petronella says some software like Apple’s new operating system will even warn you about some security risks.

“They will notify you that a password has been found on the dark web and say you should change it,” he said.

In the meantime, the North Carolina Attorney General’s Office is also investigating the breach trying identify those individuals whose information might be at risk.

Copyright 2021 Nexstar Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Trending Stories

Click here for full list of trending stories