fbpx
  • About Us
  • Advertising
  • Legal Notices
Lagniappe Mobile
  • News
    • Cover Story
    • Latest
    • Serial Stories
    • Bay Briefs
    • Community News
    • Open Documents
    • e-Edition
  • Baldwin
  • Commentary
    • Damn the Torpedoes
    • Hidden Agenda
    • Beltway Beat
    • The Real Deal
    • Weather Things
    • The Gadfly
    • Letters to the Editor
  • Cuisine
    • The Dish
    • Word of Mouth
    • Beer and Loathing
    • Cuisine Directory
  • Arts
    • Artifice
    • Art Gallery
    • The Reel World
    • Calendar
  • Music
    • Music Feature
    • Music Briefs
    • Music Listings
    • Submissions
  • Sports
    • The Score
    • The Starting Line-Up
    • From Behind The Mic
    • Upon Further Review
  • Style
    • Media Frenzy
    • Mobile Magnified
    • Horoscopes
    • Master Gardeners
    • Style Feature
  • Lagniappe HD
  • Lagnia-POD

Select Page

Local attacks highlight growing trend of cyber crimes

Posted by Jason Johnson | Jul 31, 2019 | Bay Briefs | 0 |

As two local companies continue to address cyber attacks on their networks, police and security consultants say the number of calls they’re receiving about similar digital crimes has increased.

Springhill Medical Center was the victim of a cyber attack earlier this month that has sidelined a significant portion of its network for weeks. Then last Friday, steel producer Blastech Mobile confirmed it had been hit with an attack that “severely impacted [its] systems and operations.”

Since then, reports from employees of both companies have suggested these were attacks that used ransomware — a form of malicious software designed to block access to data and/or systems until a certain amount of money is paid. Both companies are said to be investigating the incidents, though neither has confirmed any details about the attacks.

Calls from Lagniappe seeking input from Blastech were not immediately returned, and, so far, Springhill has only commented to confirm there was some kind of cyber attack on its network, which was then shut down to “contain the incident and protect data.”

However, reports from some hospital employees and others in the local medical community have suggested ransomware has encrypted or locked the hospital out of much of its network and that many digital functions were — and possibly still are — being conducted on paper.

Those details have not been confirmed, and a spokesperson for Springhill Medical Center has not responded to requests from reporters seeking an update. However, as of July 29, the hospital’s website still appeared to be offline, and law enforcement is still investigating. 

Glenda Snodgrass, president and lead consultant of local technology consulting firm The Net Effect, said ransomware attacks have become “rampant” across the United States in recent years and have started targeting all sorts of businesses and even individuals in some cases.

“Ransomware that encrypts data (crypto ransomware) and demands large payments in electronic funds gets the most press attention, as those incidents usually occur in larger organizations, but simple lock-out ransomware is extremely common on home computers and small businesses,” Snodgrass said. “There is no particular size or type of business. From three employees to thousands, and in every vertical market — accounting firms, law firms, credit unions, medical offices, retail stores, manufacturers, nonprofit organizations — you name it.”

That’s not just an anecdotal observation. Within the past week alone, there was a major attack on the Georgia Department of Public Safety’s network, and Lousianna declared a state of emergency after three public school systems fell victim to malware attacks.

According to the Internet Crime Report released by the FBI, it received a total of 351,936 complaints in 2018. Those represent losses exceeding $2.7 billion — a $1.9 billion increase over the past four years of data. Not all cyber attacks are reported to law enforcement, either.

Some of those complaints were about ransomware attacks, but despite getting a lot of news coverage, those are not the most common type of cyber attack. Many lucrative attacks from recent years fall under a category known as Business Email Compromise.

Those attacks target companies by spoofing the emails of high-level employees, and in some cases, actually compromising and using a real address. This type of scam was used to attack the Alabama State Port Authority in 2017, which led to the release of employees’ tax information, and the Mobile Housing Board (MHB) in 2018 — an incident that cost MHB more than $480,000.

Kevin Levy, commander of the Mobile Police Department (MPD) Cyber Intelligence Unit, said he’s also seen an increase in reports of various cyber attacks locally, though he did say there is more outreach and awareness about cyber security today than in the past.

While complex cyber attacks are handled by the FBI or U.S. Secret Service, MPD is uniquely situated because it’s a partner at the Gulf Coast Technology Center — a joint operations facility that brings local, federal and state law enforcement agencies together under one roof.

“We’re actually able to triage and respond to network intrusions and other incidents,” Levy said. “That doesn’t mean we’d take the ball and run with an investigation because that depends on the type of case and jurisdiction, but we do have the capacity to respond.”

Levy said a quick response can help secure evidence, and in cases where perpetrators send out thousands of emails in a mass phishing attack, it can allow time to warn similar businesses.

Another troubling trend recently has been cyber crime victims choosing to pay ransoms instead of waiting on police or security consultants to restore or decrypt their data. For a company losing $500,000 a day, a ransom may be cheaper than going weeks without access.

“Oftentimes we see companies choose to pay the ransom demands when they do not have the ability to recover critical data that allows them to restore business operations back to normal. In many cases, the company does not have proper backups in place to recover,” Snodgrass said. “Even when good backups exist, the extent of the infection is sometimes so great that the cost of downtime during an extended restoration period is too high to bear.”

Last month, two cities in Florida opted to pay a combined ransom of $1.1 million to attackers that compromised their networks with malware. To the contrary, the city of Atlanta spent more than $2 million recovering from a 2018 attack that initially only sought $50,000 in Bitcoin.

However, many caution against paying ransoms because they can fund future attacks by those same actors and motivate others. Levy also said paying large sums of untraceable money to anonymous sources on the internet isn’t always a safe bet, either. 

“It’s negotiating with people you don’t or shouldn’t trust,” he said. “What if they take the money and then don’t release your data?”

Snodgrass said it’s important for businesses to be proactive and informed about cyber security and suggested making sure all software, systems anti-malware programs are up to date and that critical data backed up, encrypted and stored off-site. She said it’s also just as crucial for businesses to make sure employees are educated about the threat of potential cyber attacks. 

“When that email with an attachment carrying a brand-new malware gets past your technical defenses and lands in an employee’s inbox, but that employee decides the email is suspicious and doesn’t open the infected attachment, they’ve just saved your company from an attack,” Snodgrass said. 

Cyber-security consultant Drake Brignac also worked with Lagniappe on this report. Graphic: Macrovector – www.freepik.com

This page is available to subscribers. Click here to sign in or get access. During the month of December, give (or get) a one year subscription with TWO months FREE.

Share:

Rate:

PreviousWilsonville mayor continues push against ‘cap in place’
NextTransportation leaders look for alternatives amid bridge project speculation

About The Author

Jason Johnson

Jason Johnson

Jason Johnson originally hails from Elba, Alabama, and graduated summa cum laude from Troy University in 2011. He’s been a reporter for Lagniappe since 2014, where he covers an array of topics with a focus on county government, local courts and education. Previously, Jason worked for the Southeast Sun (Enterprise, Alabama), the Alexander City Outlook and 94.7 WTBF FM (Troy, Alabama). He’s also been recognized by the Alabama Press Association with designations in general excellence, photography and education reporting. In his spare time, Jason is a guitarist and drummer who enjoys the benefit of regularly playing with musicians better than himself.

Related Posts

Baldwin legislator Trip Pittman wants to go to D.C.

Baldwin legislator Trip Pittman wants to go to D.C.

December 21, 2016

Hold on overtime law won’t stall investigators

Hold on overtime law won’t stall investigators

December 7, 2016

Former legislator Artur Davis takes helm of Legal Services Alabama

Former legislator Artur Davis takes helm of Legal Services Alabama

February 1, 2017

Local schools call for repeal of Alabama Accountability Act

Local schools call for repeal of Alabama Accountability Act

October 24, 2018

Recommended Stories

New eateries opening and in the works

By Andy MacDonald

Nashville-style songwriters’ round launches in Mobile

By Stephen Centanni

When nothing is true anymore .…

By Ashley Trice

Strange predictions from a stranger visitor

By Rob Holbert

MSO ‘Fanfare’ ushers in new year

By Kevin Lee



  • Advertising
  • About Us
  • Contacts
  • Jobs
  • Terms of Service
  • Privacy Policy

Search This Site

Browse the Archives

© Lagniappe Mobile 2021

[yop_poll id=”-1″]