One hapless click can snap Norman residents into a tangled web of hackers, lost data and bitcoins.
Norman Public Schools recently joined the ranks of those who fall victim to ransomware attacks about every 11 seconds.
Exactly how hackers breached the school system and other details are not yet available. A Norman Public Schools spokesman also declined comment Tuesday on whether ransom was paid or how the cleanup is proceeding in the wake of the Nov. 4 malicious ransomware attack.
“The investigation is still underway,” said communications director Wes Moody.
But a University of Oklahoma associate professor of management information systems says the school system appears to be reacting appropriately.
“Based on the message they posted, they’re doing exactly what they should be doing: Working with law enforcement and working with a company that can help them to recover their data,” said Alexandra Durcikova, Ph.D.
She said Norman schools have plenty of company. No one is immune to ransomware attacks in which hackers tie up the victim’s computer files and demand ransom in exchange for a key to unlock the encrypted data.
“It’s anybody and everybody,” said Durcikova. “Anybody who has access to email or the web.”
Indeed, Oklahoma victims reported more than $50 million in losses, said Kayla McCleery, public information officer for the Federal Bureau of Investigation’s Oklahoma City office.
Phishing for dollars
Durcikova said about 90 percent of cases happen through so-called phishing emails, a term for malicious emails designed to trick people into falling for a scam. Sometimes even websites might have a malicious file attached to them.
Schools, businesses, cities and health care systems using a large network of computers make great targets. In large organizations, Durcikova said, the ransomware software quickly jumps from one computer to another, to another, to another.
“The more computers they catch, the more computers they encrypt, the more money they can collect,” said Durcikova.
Dirty business
“This is truly a business transaction,” Durcikova said. “They (hackers) want to make money.”
Scammers rake in the bitcoin. For the promise of unscrambling victims’ data, hackers may demand anything from several hundred dollars to $70 million or so in cryptocurrency. Hackers demand bitcoin, Durcikova said, because it’s so difficult to track.
But a hot debate rages over whether ransom should be paid.
“The FBI does not encourage paying ransomware just because it may embolden the criminal actors to target additional organizations,” the FBI’s McCleery said. “It also doesn’t guarantee that data will be recovered.”
Some may find it particularly stomach-churning to hand over bitcoins to hackers who attack healthcare facilities. Recently, a 3-year-old patient in a Des Moines hospital reportedly received a “megadose” of pain medication due to computer issues sparked by a ransomware attack.
Unfortunately, it may be cheaper and easier for cyber victims to give in to demands, Durcikova said, than to spend time and money on trying to revive their data.
Outsmart the crooks
Outsmarting the crooks isn’t exactly easy for businesses or individuals, experts say.
“There’s no silver bullet,” Durcikova said.
Businesses should try to back up their data and invest in training employees, she said.
A large red screen on the computer with a notice such as, “Uh-oh your files are being encrypted,” is a signal to immediately shut down the computer.
“The faster you shut it down, the fewer files get encrypted. The majority of your files will be untouched by the encryption software,” Durcikova said. “Then go find somebody who can safely remove the ransomware from the computer.”
She recommends replacing computers every five years and updating all devices as soon as the updating notice appears.
“To avoid becoming a victim, we encourage everyone to avoid clicking on any links or emails that are from unfamiliar sources,” said Meghan Jackson, Norman Police Department’s public information officer. “Also, invest in robust virus protection for your computer and electronic devices.”
Durcikova said a good rule of thumb is never to open an email or text message if you’re not expecting it.
“It’s a lifestyle,” Durcikova said with a sigh, “that we now have to live.”
