The Scourge of Ransomware Attacks.  Allan Liska talks to Armstrong & Getty - podcast episode cover

The Scourge of Ransomware Attacks. Allan Liska talks to Armstrong & Getty

Aug 23, 20199 min
--:--
--:--
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

Cyberattacks on municipal systems are growing in number. Cyber threat intelligence analyst Allan Liska joins Jack & Joe to explain the wave of ransomware attacks that have taken place recently.

Learn more about your ad-choices at https://www.iheartpodcastnetwork.com

See omnystudio.com/listener for privacy information.

Transcript

Speaker 1

When you're ready to ride Metro, we want you to know we're ready for you. Here are just a few of the people at Metro to tell you how we're doing our part to keep riders safe. We're cleaning like never before greatly. You've found half sut of station. No mask, no Metro need one. We have a few extras at Metro. We're doing our part to keep the DC area moving. Find out more at well mata dot com slash doing

our part. So listen. If you heard about the recent wave of ransomware attacks in some small towns in Texas, it was hospitals a while ago, UM, and it's coming to a business or town near you. Well, we've invited on Alan listco is a threat intelligence analyst UM to talk about UM ransomware attacks and how they work and the rest of it. Alan works, it recorded future Alan. How are you good? How are you guys doing today? Terrific? Hey, for folks who are not to what's going on, could

you just explain how a ransomware attack unfold. Say, we're we're both working at the City of Pleasantville, Texas. What happens? So there are a couple of different ways that it generally works. The most common way that we see is you click an email, uh you know, it'll look something like a uh, do you have an overdue invoice? Click on this invoice, or you have a package coming click on the the this link to find out when it's arriving. And it turns out, instead of being uh, you know,

an invoice, it's actually malware. It installs the ransomware on your system, and then it jumps from your system to the rest of the network that you're attached to. So if it was just your system would be fairly easy. They delete your computer and give you a new one. But when it when these ransomware attacks hit hundreds of systems in the same organization, then it becomes a crisis. And then what what does it look like at that point? Does your computer go blank? Do you get an email?

Or how do you how do you get the word that you've been compromising? You owe somebody money, so your operating system itself isn't affected. Instead, what it does is it encrypts all of the relevant files on your system, so your images, your your any word documents or PowerPoint documents or spreadsheets. Uh, if you've got databases on your system, they all get encrypted, and then it pops up with a message saying you've been hit by whatever the ransomware is.

If you want to get your files back, send me bitcoin um. And they often have a little portal that you go to. Uh. You give them your their big your bitcoin, and then they give you a key so you can un encrypt your files. Well, and from my reading about this, the guys who do this are pretty good in that they make the ransom amount significant, but less than you'd probably spend on rebuilding everything. Right, So, generally speaking, you're talking, uh you know, so ransoms in

general have gone up a few years ago. I mean, just like anything else you have inflation, they have to keep up with their costs. Uh. Uh So you have kids in college or something. You don't know, right, college is expensive even in Estonia. Um, anyway, go on, certain

that's okay. Um. So a couple of years ago they generally were asking for a few thousand dollars, but now the ransoms tend to be in the six figures um, so somewhere between a hundred thousand and three hundred thousand dollars generally what they're asking just real quick, can we go back to the original email you shouldn't have clicked on. Are the good ones able to like mimic? I don't know. I might get an email from Jack saying, hey, you

gotta see this story. Are they that good? Yes? So? Um, if if it's a target did ransomware attacks, So, if they're specifically coming after you, that's exactly the kind of tactic that they'll use. We've seen that. We also have seen you'll get an email from like the seat that looks like it's coming from the CEO of I Heart Radio. Hey, I need you to do this for me immediately. Um. And of course if you're getting an email from the ceo, uh,

your your your first involces. Yes, I better do this right away without necessarily thinking, Wait, why is he sending me an email from a Gmail account or a dot areu email address type thing? So, do you have any idea how many places this has happened around the country? And what the how many how many towns, counties, whatever are paying the ransom versus saying screw you, I'm not paying.

It will start over right. So when we did our research, uh, we we found um and we don't know, we don't think this is all of them in fact, we know it's not all of them because a lot of them aren't public they reported, but since two thousand and thirteen, sound two hundred and fourteen publicly reported attacks against state and local governments. But I don't know if that's ten percent or of the total number. That's already a lot more than I think most people would have guessed that

this has happened across the country. Wow, And I can understand why people people keep it quiet because you don't want to encourage you, right exactly. So one of the things that we've seen in our research, first answer your previous question, state and local governments are actually better than most organizations of paying the ransom and not paying the ransom, I should say so. We found report based on public reporting, we found about seventeen percent of state and local governments

pay the ransom versus about of overall ransomware victims. So they're actually significantly less likely. And we think that's because it's much harder to pay the ransom when you're paying it with tax care money. So like if you're a bank or you're a hospital that gets hit, that's your money that you're paying with. It's much harder to go the taxpayers and say, hey, we just gave a hundred thousand dollars to some guys in Russia, um to get

our files back. That that's a much more difficult conversation to have. Alan Liska has a company called Recorded Future. He's written a couple of books on network security and that sort of thing that are more and more important these days. Hey, real quick, Uh, if if my town gets hit with ransomware, and I don't know, say there's like three weeks a month that they're trying to figure out what to do or whatever, how does that affect taxpayers and citizens? What sort of things get messed up? Well?

So and and that's been a real problem, and that's one of the reasons why attackers are starting to focus in on cities and towns because it becomes a big deal in the press when this happens. Because constituent services are interrupted, so you can't pay your water bill, for example, because all of that's digitized. You can't buy a house because they can't do title transfers. H if you have a court case spending, you may not be able to

go to that because court dockets get encrypted. When Atlanta was hit last year, Hartfield Jackson had to shut down their WiFi for a couple of hours because they were afraid the ransomware that was spreading was going to jump from the city to their WiFi network and then potentially to people in the airports. Alan Liska is a threat

intelligence analysts company has recorded Future. Um, if you need this sort of help, we'll have a link Alan so that folks can find you and recorded Future really easily. But great stuff. Enjoyed the chat. Thanks, thank you very much. Yeah, I tell you what man that is. Oh, that's got to be a bad feeling. Hey, your files are encrypted. Send us a hundred thousand dollars. I think I'm anti paying these people. But there was I think it was

in Pennsylvania. There was a city that instead of paying the seventy thousand dollars, they spent several million dollars, right, And Allen was talking about going to the taxpayers for that. Have any thousand? Well, how do you go to them for the several million? Well you don't. It just gets built into the money they regularly spend. Yeah, because taxpayers are generally I hate to say stupid, but we don't. We don't pay enough attention. Yeah, fair enough to where

our money is spent. Back to paperman, index cards, file cabinets. They were able to do it before carbon copy. Carbon copies exactly, mimi agraph machines by the telegraph. When you're ready to ride Metro, we want you to know we're ready for you. Here are just a few of the people at Metro to tell you how we're doing our part to keep riders safe. We're cleaning like noble before half build it greatly. You've found half out of no mask, no Metro need one. We have a few extras at Metro.

We're doing our part to keep the DC area moving. Find out more at Wellta dot com slash doing our part

Transcript source: Provided by creator in RSS feed: download file
For the best experience, listen in Metacast app for iOS or Android