We provided an overview of the information that may be obtained from mobile devices and the third-party applications they use, guidance on how to handle phones that are to be examined, and a demonstration of how the digital information could be used to develop a timeline to support an attorney’s case theory.
July 22nd, 2021: Inside the Dark Web: How your personal information is exploited – KENS 5 takes you inside the epicenter of illegal activity. A former FBI agent who specializes in cybersecurity shows how criminals are exploiting your information.
SAN ANTONIO — KENS 5 takes you inside the epicenter of illegal activity. A former FBI agent specializing in cybersecurity explores the dark web to show how criminals exploit people’s information in various marketplaces.
The dark web is a hidden section of the Internet and can only be accessed through a specialized web browser. Jonathan Trimble, a former FBI agent who’s now the founder and CEO of cybersecurity firm Bawn, logged in to a browser called ‘The Onion Router,’ known as TOR.
“I use a computer that I can get rid of because going onto some of these hacking sites, downloading information, you don’t know what’s going to happen from it. It might be safe, and it might not be,” he said.
The dark web’s lure is anonymity and lucrative deals. Trimble showed KENS 5 several marketplaces that have grown in popularity over the years. Criminals advertise various products, including drugs, hacking tools, and people’s personal information. Trimble says there are criminals looking to make a quick buck and larger criminal organizations that set up these marketplaces like a business to make a profit. He says the purchases are made in bitcoin, unlike a credit card that can be traced back to a person.
“It ranges from how complete the information is or how sophisticated of an information package it is. An example is an identifying number like a social security number might be about $2 to $3. But if you have a complete package, for example, for a business, an employee identification number, a Dun & Bradstreet number, all the identifying information for a business would be more expensive. Around $70 is what I’ve seen,” said Trimble.
The sites that sell products or packages of information appear like any regular retail website. There’s even a review and recommendations section.
“A user says not good or this product is legitimate and successful for me,” said Trimble. “There’s a high concern of whether they can trust the person they’re buying from or institute that they’re buying from.”
According to Cybersecurity Ventures, a research site, the economic cost of cybercrime globally is growing every year and is expected to hit $10.5 trillion by 2025. It says this represents the greatest transfer of economic wealth in history.
Trimble says it’s reasonable to assume that your information has already been compromised or will be in the future.
“Having been an employee of the federal government for 25 years, I assume that my information has been stolen through the different hacks that have been focused on OPM and other places from the government,” he said. “It really comes back to us to make it more difficult for them to take advantage of that. Because if they have the information but can’t set up an account or it’s too difficult for them, they’re going to move onto someone else.”
He recommends that you consistently update digital software, monitor your financial activity, and be wary of what you download or click online. The FBI also has a list of recommendations to reduce your risk.
The Cybersecurity and Infrastructure Security Agency, which is part of the Department of Homeland Security, has information on general security, email communication, and threats. If you believe you’ve been a victim of an internet crime or want to file on behalf of another person, click here for more information.
July 18th, 2021: Big 10: What you need to know about cybersecurity: ‘Expect a future where a computer doesn’t just connect you, but can also be a weapon’ by Jeff D’Alessio, Editor, The News-Gazette, Champaign, IL
Not a week seems to go by anymore without news of another U.S. agency or business falling victim to a cyberattack.
For perspective on the problem, we rounded up a panel of experts to answer 10 questions — kicking off a new, occasional N-G series breaking down important issues making news.
Are enough of the right powerful Americans aware of the severity of the threat and treating it as such?
Says Cyberscout chairman and Credit.com co-founder ADAM LEVIN, author of ‘Swiped: How To Protect Yourself In A World Full of Scammers, Phishers, And Identity Thieves’: “You’d have to be living under a bottle cap on the bottom of loon lake to miss the enormity of the problem we all face. There is no longer an excuse among those in power. The threat is constant and pervasive.
“That said, former President Trump’s Twitter account was breached because of poor cyber hygiene. Bottom line: Most of us know there is a problem, but everyone has yet to on-board a defensive, best-practice, solution-oriented outlook.
“The establishment of CISA and President Biden’s head-on approach with Vladimir Putin about recent ransomware attacks suggest a change in attitude. More recently, the Department of Justice acknowledged aggressive disruption campaigns against threat actors. We have to assume all the letter agencies are actively engaged in this invisible war on cybercrime.”
Says Reuters investigative reporter JOSEPH MENN, author of ‘Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World’: “Yes, finally, we are getting close to a critical mass of important people in Washington grasping how serious the cybersecurity problem is. That is a huge improvement from where we were ten years ago when I wrote a book largely aimed at raising that kind of awareness.
“It is beyond unfortunate that it took crippling attacks on hospitals during a pandemic and one on a major pipeline for us to get there. You can’t fix a problem, as the alcoholics say, until you acknowledge you have one.
“Unfortunately, that is just the beginning. The White House and Congress get that organized criminals, including many operating out of Russia, have little to fear from law enforcement and tens of millions of dollars in rewards out there for the taking. They get that China and others are stealing intellectual property and harvesting intelligence on a massive scale. But that is only one side of the equation, and frankly, the one they can do the least about.
“The bigger issue is the appalling state of our defense in anything connected to the net. DHS and the NSA are doing a better job than previously providing information on attacks and guidance on how to avoid being the easiest victim. But what it would really take to stem the tide is something like a new, opt-in internet, with different protocols and authentication. That would take massive research and development led by the federal government with aid from universities and others, and I am seeing nothing close to that level of funding.”
For those Americans who don’t view cybersecurity as a serious threat, what’s your best case for why they ought to?
Says Red Branch Consulting founder and former Homeland Security official PAUL ROSENZWEIG, author of ‘Cyber Warfare: How Conflicts in Cyberspace are Challenging America and Changing the World’: “If a world without gasoline or beef was not sufficiently scary, imagine this: Your heart monitor kills you or all of a sudden your car won’t brake. Everything — and I do mean everything — that is connected to the Internet is potentially vulnerable.
“And increasingly, everything you rely on each day is connected. That prospect ought to convince you that cybersecurity is serious.
“Here’s a story worth telling: I have a friend David who is a diabetic. For years, he had to prick his finger, test his blood and inject insulin. Then he got an insulin pump, which changed his life. And about five years ago, he got one of the new Internet-connected, programmable pumps, which was even better — no more visits to the doctor, just got blood tests.
“And then some hackers demonstrated that they could crack the security on his insulin pump and give him a fatal — or maybe just near-fatal — dose of insulin. His lifesaving device just became his own self-assassination machine.”
Besides avoiding emails from Nigerian princes and choosing unpredictable passwords, what’s one step anyone can take to decrease their chances of falling prey to a cyber crook?
Says University of Illinois alumna PARISA TABRIZ, Google’s self-described ‘security princess’ and head of Chrome product, engineering, and UX: “Enable second-factor security on all your accounts, or wherever it’s made available.
“Also, verify your account recovery settings every year or so. Exploiting weak or outdated account recovery settings is a common way attackers attempt account hijacking.”
Says UI grad MATT LOWE, global cybersecurity policy and standards manager at IBM: “People tend to get annoyed when they get a notification to update their operating system, software applications or browsers and will often opt for the ‘update later’ option so that they can continue doing what they were doing without risking a computer restart.
“But this happens to be when your devices and apps are especially vulnerable to hackers because these software updates include fixes to features and performance as well as to security.”
Says UI grad LARRY CLINTON, president of the Internet Security Alliance: “Dedicate a computer/device — one your children cannot use — for sensitive or financial communications.”
Says KLARA NAHRSTEDT, director of the UI’s Coordinated Science Laboratory: “Don’t go to strange websites when searching for a product. Various third-party websites could have malicious codes in them to steal or damage private information from your computer.”
Says VASU JAKKAL, CVP of Security at Microsoft: “Multi-factor authentication is such an accessible and easy defense that people can use to better protect themselves.
“In addition to creating strong passwords, or going passwordless where I can, I always enable multi-factor authentication for any account that provides the options — email, social media, financial accounts. It makes a huge difference in preventing compromise due to weak or leaked passwords.”
Says Champaign cybersecurity consultant JOHN BAMBENEK: “One of the things I tell my clients to focus on is trying to minimize the amount of sensitive information they email or store online.
“For example, if you are buying or refinancing a house, don’t email your tax returns. Bring them in.”
We’ve heard a lot about May’s high-profile ransomware attack on the Colonial Pipeline. But what is hackers’ motivation for attacking small businesses, as they have in droves?
Says Liberty Group Ventures CEO KIERSTEN TODT: “As the managing director of the Cyber Readiness Institute, I work primarily with global small businesses. Small businesses, like small governments, school districts, and individuals, often wonder why they would be attacked or targeted. There are two key components of cybersecurity that are important to remember.
“One, data surpassed oil as the most valuable global commodity over two years ago. All businesses collect and have data, and every individual captures their personal data on their multiple devices — therefore, the devices that store personal data, the companies that store data, are valuable and are a target for compromise.
“Additionally, small businesses and individuals are often compromised not because they are a destination for malicious actors but because they are an entry/access point, a door, to the actual target of the malicious actor.
“Hackers look for the weakest link to compromise — some way to access a larger enterprise. Small businesses and individuals are targeted to either be that access point or for the data they hold.”
What’s your version of America’s worst cyber nightmare?
Says RIANA PFEFFERKORN, a research scholar at the Stanford Internet Observatory: “Russian hackers, who have repeatedly attacked America’s power grid previously — and we’ve done the same to them — succeed in disrupting the supply of electricity for long enough and to a large enough swath of the country to result in significant bodily harm and loss of life.
“We’ve seen the havoc that climate change-exacerbated severe weather events can play with the power supply, including in Texas this past winter and the recent ‘heat dome’ in the Pacific Northwest. Lack of access to heat in the winter and cooling in the summer is lethal.
“Hackers could time an attack to take advantage of underlying weather conditions. And regardless of the time of year, lack of electrical power is also a dire threat to the millions of Americans who live with severe illnesses or disabilities. Electricity powers the medical devices that keep people alive and mobile, such as breathing machines and home dialysis equipment; the refrigerators that keep lifesaving medications at the proper temperature; and battery-powered wheelchairs and scooters.
“For the Russians to escalate their cyberattacks to cause widespread loss of life would be foolish, however, because the federal government has signaled to Russia that it has the capabilities to strike back and will not hesitate to use them. I, therefore, suspect that Russia will continue to keep its attacks below the level that would justify the use of force in response, as it has done to date.”
Says LANCE HOFFMAN, founder of the Cyber Security and Privacy Research Institute: “Every American should fear a critical infrastructure meltdown. While today’s Internet has proved remarkably resilient in handling increased traffic due to the COVID crisis, many people still don’t realize that it is now a part of our critical infrastructure, just like roads, bridges, transportation, water, and energy systems.
“If a significant part of it were unavailable or, worse, providing fake data due to an attack by hostile forces foreign or domestic, and the contingency plans in place to recover and move on were inadequate — as they are now — then the same effects we saw from COVID would play out: slowing down of the economy, individuals and groups taking sides on ‘who’s to blame,’ etc.
“The time has come for each organization, small and large, to put a contingency plan in place. Directors of businesses and leaders of government agencies should insist that these be reviewed frequently and tested to the extent feasible.”
Says New America strategist and senior fellow PETER SINGER, author of ‘Cybersecurity and Cyberwar: What Everyone Needs to Know’: “The Internet is increasingly becoming what is known as the ‘Internet of Things.’ The networks are now connecting devices used to operate our world, from smart power grids to smart thermostats to even individual parts in your car or a jet engine.
“This yields massive economic and environmental gains, a more efficient world. But it also means that the hacks are set to move from merely stealing information — which was bad enough when it was email or your credit card — to holding systems themselves hostage.
“In the research for our book ‘Burn-In,’ we showed how someone could use a computer to do anything from poison a water supply to crash a plane.
“So expect a future where a computer doesn’t just connect you, but can also be a weapon.”
Says Bawn founder JONATHAN TRIMBLE, former chief technology officer of the FBI’s Information Management Division: “The recent ransomware attack on the Colonial Pipeline which impacted fuel availability for millions of people on the East Coast, and the Fastly software bug, leading to an outage of a large portion of news sites, have underscored that there are critical junctures within our infrastructure that have enormous nationwide impacts when they fail.
“The general public generally isn’t aware where these chokepoints are, but our adversaries have invested a great deal of effort in researching American infrastructure to locate vulnerabilities for exploitation. The compromise of SolarWinds in late 2020 was a sophisticated attack that required extensive reconnaissance to find a subtle vulnerability and develop the means to exploit it — America’s nation-state adversaries are sophisticated in their technical approach, patient in finding vulnerabilities, and strategic about when to exploit them.
“A coordinated attack against multiple infrastructure chokepoints may be the next thing we see on the cyber front. We can generally recover from cyberattacks that cause data or power outages. What concerns me most is the attack that manipulates data to the extent that people lose confidence in a major system’s integrity.
“These may be systems that support voting, finance, judicial or medical processes. A massive attack that undermines people’s confidence and sows discord would have a long-term negative impact on the U.S.”
Says FRANK CILLUFFO, director of Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security: “Frankly, what we have already seen is keeping me up at night and underscores the need to prioritize cybersecurity.
“For years, our adversaries — China in particular — have persistently engaged in brazen and massive theft of intellectual property. The upshot of that activity? It puts U.S. economic competitiveness in peril. Add to that the ransomware epidemic — wherein cybercriminals indiscriminately target just about everyone, from schools to hospitals and companies both small and large, including victims that provide critical national functions and services underpinning our modern society.
“If that isn’t enough, there is the possibility of what we have seen overseas potentially coming soon to a U.S. ‘theater near you’. Here I am thinking, for example, of the 2015 cyberattacks on Ukraine’s electric grid, which disrupted the power supply in the middle of winter. That case allowed Russian actors to test, hone and refine their cyber skills in executing a malicious attack on a practice field close to home.
“And all of this is happening at a time when countries are increasingly integrating cyber capabilities into their warfighting strategy and doctrine. The U.S. has long been in the crosshairs of many and varied actors with hostile intent whose exploitation of computer networks has laid the groundwork for the attack.
“Topping the list of concerns is a sustained campaign against systemically important critical infrastructures. Notably, an attack that could cascade into another with potentially catastrophic results.
“One domain we need to pay greater attention to in the days ahead is the intersection between cyber and space. The two are inextricably intertwined, and using cyber, or similar means, to subvert our eyes and ears in space could leave our country blind and deaf.
“Put simply, our ability to network has far outpaced our ability to protect networks. Now is the time to heed the call to action and invest in our cybersecurity workforce, impose cost and consequence on bad cyber behavior and ensure the U.S. leads the way technologically.”
True or false: Most breaches that take place in the U.S. aren’t ever reported?
True, says Harvard’s BRUCE SCHNEIER, the brains behind the popular blog Schneier on Security: “Sometimes, it’s because the victims aren’t aware that they’ve been hacked. Sometimes, it’s because police investigations are ongoing. And sometimes, it’s because the victims want to avoid being described as having lousy security in the press.
“The truth is that we have no idea how many unreported breaches are occurring and what the historical trends are. It makes mitigation efforts very difficult.”
So, how do you fix it?
Says UI grad DAVE MIHELCIC, former chief technology officer at the Defense Information Systems Agency: “Most private businesses and public organizations fail to take basic cyber hygiene steps and invest in the operational infrastructure to operate securely.
“Worse yet, many boards, CEOs, and senior administrators actively ignore the problems when they are identified.
“The U.S. must pass legislation making corporate and federal leaders civilly and potentially even criminally liable if they fail to exercise due diligence in securing systems, networks, and data under their purview.”
What’s the financial toll of all of these breaches and who’s benefiting?
Says JAMES LEWIS, senior VP at the Center for Strategic and International Studies: “Weak cybersecurity probably cost the U.S. about $100 billion a year for at least the last 10 years, so more than $1 trillion in losses.
“Cyber is a symptom of a larger disrespect in which China, Russia, and Iran hold us, like the 1930s when Germany and Japan thought America was weak and could be pushed around.
“We want to get ahead of the problem of opponents thinking they can do what they like before it gets worse.”
What’s the pie-in-the-sky long-term fix?
Says JAMES CLAPPER, U.S. director of national intelligence from 2010-17: “International cyber norms that the Big Three in cyber — Russia, China and us — would sign up to and, importantly, enforce. We’re not there, and I see no prospect of such agreement.
“I think a useful comparison is the law of the sea, which took decades and decades to develop. But now, most sea-faring countries abide by it because it is in their interests to do so.”
Why aren’t more people better informed about such a critical issue?
Says JAMIE WINTERTON, director of strategy for Arizona State’s Global Security Initiative: “Pre-pandemic, I participated in a few Cybersecurity Self-Defense events, where we taught people how to secure their personal data. I often started conversations by asking people, ‘What kinds of things are you worried about?’ The answer I got most often was, ‘I don’t know; there are so many problems and so few solutions that I don’t even know what to worry about.’
“As technologists, we haven’t done a good job of realistically explaining security threats and how to mitigate them to non-experts. So I think most people know that there are serious cybersecurity threats, but many of them feel powerless, either because of the magnitude of the issues or because we’ve thrown so much technobabble at them that they have given up trying to participate. And that is a big vulnerability we’ll have to contend with.
“Over the past few years — even the past few months — the accelerating attacks on critical infrastructure have made it clear just how tightly we’re all connected via the Internet. Power and water supplies, fuel pipelines, healthcare and finance systems, education — all of these things are online now. We usually think of these things as separate systems, but they all are connected, to each other and to all of us, online.
“There are huge benefits to this connectivity, but there are also huge potential problems if these systems aren’t properly secured. Some of these problems are literally life-or-death — like power outages, tainted water, shortages in supplies, or the inability to provide critical life-saving medical care at the moment it’s needed. This is why we should be taking cybersecurity very seriously.”
July 9th, 2021: Bawn provides ransomware training to the Texas Criminal Defense Lawyers Association.
July 7th, 2021: Bawn provides commentary for Associated Press article: Latest hack to test Biden’s vow for consequences for Russia by Aamer Madhani and Eric Tucker
WASHINGTON (AP) — President Joe Biden said Wednesday he would “deliver” a message to Russian President Vladimir Putin about the latest ransomware attacks targeting American businesses, setting up a test of Biden’s ability to balance his pledge to respond firmly to cyber breaches with his goal of developing a stable relationship with Russia. The administration faces few easy options for a ransomware threat that in recent months has emerged as a major national security challenge, with attacks from Russia-based gangs that have targeted vital infrastructure and extorted multimillion-dollar payments from victims.
But Biden finds himself in a difficult position as he seeks to press Putin to crack down on Russian cyber gangs targeting U.S. and international business for financial gain and dial back Kremlin-connected cyber espionage. The administration is mindful that punitive actions against Russia can escalate into tit-for-tat exchanges that heighten tensions between nuclear superpowers.
The latest hack also comes after some Republicans accused the Democratic president of showing deference to Putin by meeting with him and making America weaker in the process. Biden has faced criticism of being too soft on Putin even though former President Donald Trump declined to blame Russia for hacks and interference in the 2016 election despite U.S. intelligence community findings.
Biden met Wednesday with Vice President Kamala Harris and top national security aides to discuss the problem. As he departed the White House to travel to Illinois, Biden was opaque when asked what exactly he would convey to Putin.
“I will deliver it to him,” Biden told reporters.
A White House National Security Council spokesperson said in a statement Wednesday that combatting ransomware remained a priority but that the years-long threat “won’t just turn off as easy as pulling down a light switch.”
“No one thing is going to work alone, and only together will we significantly impact the threat,” the statement said.
U.S. officials say they’ve preached to the private sector about hardening cybersecurity defenses, worked to disrupt channels for ransomware payments, and scored a success last month with the recovery of most of a multimillion-dollar payment made by a fuel pipeline company. But they’ve been cautious about carrying out retaliatory offensive cyber actions for fear it could quickly spiral into a greater crisis. There are also practical limits to what the U.S. can do to thwart Russian cyber gangs.
Biden and top administration officials repeatedly said around last month’s meeting with Putin that their goal was building a “predictable,” stable relationship. An all-out cyberwar would seem to work against this goal.
“It’s a very fine line that they have to walk as far as providing some kind of consequence for that behavior without it escalating to where cyberattacks are out of control, or increase it to a conflict that goes beyond the cyberspace,” said Jonathan Trimble, a retired FBI agent and cybersecurity executive.
White House press secretary Jen Psaki said Tuesday that Russian and U.S. representatives were meeting next week and would discuss the matter. She said administration officials used Wednesday’s meeting to discuss building resilience to attacks and other efforts to combat the problem, and also addressed policies on payments to hackers.
The administration has yet to attribute the latest major attack to Russian hackers. Psaki did not directly answer how Biden might respond, but said he has “a range of options, should he determine to take action.”
Cybersecurity experts swiftly identified REvil as responsible for the attack, and the notorious Russia-linked gang appeared to admit it publicly by offering on its dark web site to make available a universal decryptor that would unscramble all affected machines if paid $70 million in cryptocurrency.
Biden said he set red lines by handing a list to Putin of some 16 critical infrastructure entities, including water systems and the energy sector, in the U.S. that are off-limits to attack. He said “responsible countries need to take action against criminals who conduct ransomware activities on their territory.”
The Kaseya attack did not appear to affect any critical infrastructure. Nevertheless, the incident shows that ransomware attacks, even if they don’t target critical infrastructure, have the potential to be damaging when done on a massive scale.
Biden also suggested that he told Putin that he stood ready to retaliate should the Russians go too far.
“I pointed out to him that we have significant cyber capability. And he knows it,” Biden said.
Further complicating matters, the Republican National Committee said Tuesday one of its contractors had been breached, though it did not say by whom. The RNC said no data was accessed.
The administration has already taken action against the Russians for cyberespionage, announcing in April the expulsion of 10 Russian diplomats and sanctions against several dozen people and companies over Kremlin interference in last year’s presidential election and the hacking of federal agencies.
The U.S. has other tools at its disposal. Assuming it can gather the evidence it needs to identify the hackers, the Justice Department can bring indictments — though absent the defendants voluntarily departing Russia, there is little chance of them facing justice in American courts. Hacks not only from Russians but also the Chinese have continued even after indictments.
There’s also the chance investigators in at least some cases can recover from criminals ransom that has been paid. The Justice Department clawed back a portion of the $4.4 million forked over to a Russian-linked cyber gang responsible for the attack on Colonial Pipeline, an attack that stymied the gasoline supply in the southeast U.S. for days.
James Lewis, a senior vice president at the Center for Strategic and International Studies, said the U.S. has been for too long in a “defensive crouch” when responding to ransomware attacks. The administration’s options for assertiveness against ransomware criminals could include limiting their access to financial networks or hacking their command and control infrastructure.
“These are all tough choices, and the default position is to be cautious, which is why we keep getting whacked,” Lewis said.
Associated Press writers Frank Bajak in Boston and Alan Suderman in Richmond contributed reporting.
June 10th, 2021: Bawn provides commentary on the recent Fastly outage during the WGN-9 Chicago newscast.
A software bug was activated when a user made an account configuration change, causing an hour-long outage of approximately one-third of the Internet’s news sites. We explained how the consolidation of cloud computing resources led to such a wide-ranging impact.
If you’re hit with a cyberattack, the damages can be long-lasting, especially if you’re a business owner. Your money, reputation, and customers’ trust are on the line.
Jonathan Trimble, a former FBI agent of 24 years, says, “Businesses can take steps today to protect themselves.” During his time with the agency, he investigated various criminal matters, including corporate fraud, identity theft, violent crime, money laundering, and computer crime. He’s now the founder and CEO of Bawn, a company providing cybersecurity services for companies across the U.S. Trimble explained how the average cost of a data breach has increased over the last several years.
“Back in 2018, it was about $3.8 million. (In) 2020, it was about $8.9 million, the average cost of a cyberattack, and that’s incorporating the entire scale of businesses,” he said. “If you look at small businesses, the cost is much lower, it’s about $200,000, but that has a very large impact on small businesses.”
He further shared that 60% of small businesses that fall victim to a cyberattack end up closing down operations within six months. He said cyber insurance is a critical component of a business, but finds that people don’t think of adding it to their business plan.
“A lot of times, cybersecurity is not a core competency of an organization, especially small businesses. If you’re a law firm, you’re focused on the case log and keeping up to date on that. If you’re a CPA firm, you’re focused on doing financial record keeping or tax returns,” he said.
“Businesses should not think it’s not going to happen to them. It’s better for them to start somewhere, instead of just hoping it won’t happen to them.”
Cyber insurance can help a company recover from a data breach, including costs associated with work stoppage, system damages, legal fees, and ransoms. He said, “there are many options, and coverage can be tailored to your business.”
“Over the past few years, insurance underwriters have gotten more savvy as far as what type of assistance to cover, what security controls need to be in place. They ask a lot of questions that they haven’t before,” Trimble said.
He said it depends on what’s included in the policy, but overall, coverage is surprisingly cheap compared to other insurance policies.
May 13, 2021 – KENS5 San Antonio. Following pipeline hack, former FBI agent warns businesses: ‘Get ahead of it before it happens.’
Jonathan Trimble said, “smaller businesses are particularly vulnerable to the increasing wave of cyberattacks, though it isn’t the ransom itself which would hurt most.” KENS 5 San Antonio reports that the FBI confirmed a Russian group known as Darkside orchestrated the ransomware attack on Colonial Pipeline. On Friday, the cybercrime group locked up the company’s computer system and demanded a ransom.
Colonial Pipeline delivers about 45% of the east coast’s fuel supply. As the company shut down operations to investigate the disruption, fuel prices began spiking, and people began hoarding gas in multiple states.
The fear surrounding the gas shortage even spilled into Texas. KENS 5 obtained a video of lines of drivers waiting to fill up at a gas station in the Rio Grande Valley.
Jonathan Trimble, the founder and CEO of Bawn, a security firm that protects businesses across Texas, shared insight on the attack. Before he launched his company, he served 24 years in the FBI, where he was chief technology officer of the bureau’s information management division.
He also supervised a number of criminal matters, including corporate fraud, identity theft, narcotics, child abductions, and computer crime. Trimble said, “for the past 20 years, cyberattacks have continued to rise.”
“If this can happen to a large organization that they know plays a critical component in the nation’s economy, that type of event can happen to any type of business,” warned Trimble.
The energy grid and water supply in the nation barely have federally mandated cybersecurity protections. Trimble said, “when it comes to businesses that are left to defend themselves, a ransom isn’t what may be the costliest consequence—it’s the fallout from a potential work stoppage.”
“From a company standpoint, it’s a business decision. How much pain can that organization endure?” Trimble said. “The scariest statistic that I see is that 60% of small businesses that are hit by a cyberattack within six months are forced to shutter their businesses because of the cost of that cyberattack.”
The FBI confirmed it is working with Colonial Pipeline to investigate the cyberattack. As for other businesses that don’t have a squad of federal investigators, Trimble advises owners to make security plans now.
“The best way to address that is to get ahead of that before it happens, because if they wait until it happens and after they’re hit by an attack? There’s not much anyone can do to help them,” he said.
Colonial Pipeline restarted operations late Wednesday afternoon but said in a statement it will take several days for deliveries to return to normal. The company did not give an update on the ransomware investigation.
Topics discussed included threat modeling and threats specific to social media platforms, such as bots. The importance of incorporating security at the start of application development and of using sound DevSecOps practices was emphasized. MYVU’s mission is to “Unmute the Middle” and is an unbiased social media platform to bridge a divided world.
“Cybersecurity Basics for Attorneys” was co-authored by Dawson Lightfoot of Lightfoot & Alford PLLC and Jonathan Trimble of Bawn.