A security specialist, the Stacy Arruda, gave an interview about one of the biggest threats in cyberspace, the ransomware.

A few words about Stacy Arruda

Arruda is a director at Florida Information Sharing and Analysis Organization. Ο organization collects incident information security in cyberspace and helps victims overcome threats. He worked at FBI for 22 years, until 2018 when he retired.

The newspaper Tampa Bay Times interviewed Arruda earlier this year. According to the expert, one of the biggest threats they face The Companies and local governments in Florida, is ransomware:

The initial question the expert received was "what is ransomware?". Arruda said ransomware is just a piece malicious code.

“Ransomware is delivered (usually) via e-mail … And what can be attached to this email is a piece of ransomware, a piece of malicious code that compromises the network"

"91% of all cybercrime starts with one e-mail", he said.

Companies and government services in Florida are very vulnerable to these attacks.

Another question posed to the expert was: "What are some examples of major ransomware attacks"?

"A typical example is Baltimore. Ήταν Baltimore was victim ransomware attack for 14 months… ”.

Arruda said that in 2019, the city's computers were infected with ransomware, which shut down systems for weeks, affecting bill payment systems and more. The city was forced to pay $ 6 million to upgrade its IT systems, but did not pay the costs. ransom. Atlanta also had a big problem.

Other Florida cities, such as Riveria Beach and Lake City they also paid large sums (600,000 and 460,000 respectively).

Arruda was even asked about the relationship between SOCIAL MEDIA and ransomware:

"Let's say I have a company I want to join. And I find that there are six people in the workforce who have their information in LinkedIn. I can attack by targeting these people. One of these six people will open the malicious email. "The goal of the 'bad guy' is to find something that the recipient would be interested in opening."

Asked what happens if a company becomes infected, Arruda said there are three options. In the first case, companies have backups offline, have developed a strong plan to deal with such incidents and have contacts with security companies so they can call them if they have a problem. This is a good scenario and what everyone should do Companies. Otherwise, they will be forced to pay the ransom, hoping to obtain the appropriate decryption keys. And the third case is companies pay the ransom and unlock their systems, but for a while. Hackers may nto return and encrypt computers again. Of course, there is the possibility of payment, without response from them hackers. So the systems stay locked again.

Regarding the protection of companies and organizations from ransomware, Arruda said that there is no sure strategy. However, he added that some security measures and practices reduce the likelihood of attacks. The staff must be trained and take care not to expose them data on the internet (social media etc) because attacks can start from there.

Source: en.secnews.gr