This week we are going to discuss cybersecurity.
There has been a lot of news coverage about ransomware. Several weeks ago the Colonial Pipeline was attacked. This caused major gasoline shortages from Texas to New York. This past week, the largest meat packing house in the country was attacked.
Ransomware is when a criminal seizes control of a computer system and demands a ransom in exchange for an encryption key to unlock your data and let you be able to operate your computer system.
Ransomware is not new. It has been happening for years. Schools, hospitals and businesses have all been attached. The FBI has been warning for years that major parts of our infrastructure are vulnerable. The FBI suggests that you not pay the ransom to discourage this activity, but many victims do pay because it is more costly to not comply.
Most people pay the ransom because it is less expensive than trying to duplicate or rebuild all of your data. Hospitals could not have access to patient records which could be life threatening.
The city of Atlanta did not pay a ransom of about $50,000 a couple of years ago and it took months and cost $20 million to replace the lost data. Often thieves want paid in Bitcoins because they are hard to trace. These hackers often operate out of Russia or other areas of the world where it is hard for the U.S. government to arrest them.
The FBI did recover about half of the ransom paid in the Colonial Pipeline attack. It was millions of dollars.
“60 Minutes” reported this week that criminals can rent the ransomware software on the darkweb for a cut of any ransom collected. Usually a specific company is not targeted, but bots send out a massive blast finding vulnerable connections.
I probably receive a couple of questionable emails every week. This week, I got several supposedly from Comcast. Many others have been supposedly from Amazon. These emails say there is a problem with your account and have a link to click and fix the problem.
Often, they are very easy to spot. They often come from a gmail address. Don’t you think these companies are big enough they would come from internal email? Sometimes crooks can try to make them look more official, but hovering your curser over the e-mail or website might reveal the real source.
Remember, E.M.A.I.L.: Examine Message and Inspect Links.
I have received email notices from banks and financial institutions that say I have a problem with my account and need to click a link. The problem, however, is that I do not have an account at these institutions. These are obviously phishing expeditions. The IRS will never send you an email requesting information. When in doubt, don’t clink and make a telephone call.
Have good anti-virus software and back up your data in the cloud or on external hard drives. Many people use the same password over and over. Try not to do this, especially for sensitive financial data. Be sure to use different passwords for these things.
Use a credit card to make online purchases, and not a debit card. Even though both often have the same level of liability from your financial institution, a debit card being hacked could take away access to your money while the issue is being resolved. With a credit card, it is the bank’s money that is unavailable.
If something looks suspicious be careful. It is better to be safe than sorry.
Gary Boatman is a Monessen-based certified financial planner and the author of “Your Financial Compass: Safe passage through the turbulent waters of taxes, income planning and market volatility.”
To submit columns on financial planning or investing, email email@example.com.