Chris Buthe, manager of cyber physical security services with California Manufacturing Technology Consulting in Torrance, gives a cyber security presentation at the San Joaquin Valley Manufacturing Alliance’s 4th Annual Manufacturing Summit last month at the Fresno Convention Center.
Written by David Castellon
A year ago, hackers stealing social security numbers from businesses and personal computers could have gotten about $30 per number on the digital black market.
That could be a huge payout, considering some data thieves have illegally mined millions of social security numbers and other bits of personal data from a single business.
This year, that illicit work is a bit less lucrative, as the going rate for a social security number currently is about $18, said Rich Rice, an information technology consulting manager for Moss Adams, a Seattle-based accounting, consulting and wealth-management firm with an office in Fresno.
“It’s supply and demand,” he said of crooks making less money on some cyber attacks, noting that they’re occurring so much more frequently, with so much stolen personal data available that people just aren’t willing to pay as much for it, Rice noted to the small crowd who attended his discussion on cyber security at the San Joaquin Valley Manufacturing Alliance’s 4th Annual Manufacturing Summit last month at the Fresno Convention Center.
It’s a sad testament on the rampant growth of cyber attacks on businesses and individuals and how successful the hackers have become.
Since 2013, nine billion data records have been stolen in the U.S., Rice said,
“We’re talking about social security numbers; personal, identifying information, such as addresses, phone numbers, dates of birth, personal health recorders, credit card data, etc.”
Rich told the audience that’s up almost two billion such thefts compared to two years ago, “so the trend is increasing quite a bit.”
Most of those attacks are financially motivated, with tech-savvy crooks stealing data on customers or employees to later steal their money, take proprietary data to sell or introduce malicious software that locks people out of their business and personal system until the victims pay “ransom” in exchange for the codes to turn off the “ransomware.”
Cliff Dunbar, chairman and CEO of Buckman-Mitchell Financial and Insurance Services in Visalia, said recently a senior executive in his organization received an email seemingly from him saying he was out of town and needed $200,000 sent to him right away.
“She began doing it,” but stopped, thinking she should verify the request, and discovered Dunbar actually was at work and never sent the email, he recounted.
“In the past, you worried about break-ins and thefts. Now you have to worry about break-ins into emails and computers systems,” Dunbar said, adding that even with high-grade compute defenses, employees need to be watchful of being targeted by hackers, which can be as simple as opening a seemingly innocuous email and unknowingly allowing malware into a computer system.
Ag emerges as a target
Peter Baldwin, senior vice president with Alliant Insurance Services in Fresno, which sells cyber insurance for stolen data, agreed.
“What we are seeing now in the Valley, growers, packers shippers, manufacturers — anybody that has computers that are operating in their companies — are targets or potential targets … particularly the lower-hanging fruit without the firewalls and other protections they should have to prevent these [attacks],” he said. “I’m saying that any business or person could be targeted by a cyber attack.
“I’ve been involved with two [Valley] manufacturers in the last 90 days that have been taken hostage,” Baldwin said, adding that the businesses declined to pay the hackers’ ransom, but it cost each upwards of $200,000 to purge their computer systems of the malicious software — or “malware” — and restore their systems, and that doesn’t include the cost of lost work and sales resulting from the attacks.
The threat has gotten worse, not just in the number of cyber attacks but because cyber criminals have been changing their tactics in recent years, taking control via computers of building systems, utilities and manufacturing equipment, demanding ransoms — sometimes in the millions of dollars — to restore systems or causing business shut-downs or damage.
Some of these attacks not only threaten the wellbeing of the businesses, but also lives.
Rice said one of the most notable such attacks occurred at a German steel mill in December 2014.
The German Federal Office of Information Security reported that the hack was the result of an employee clicking on a phishing email, which allowed malware to make its way into the company’s computer system.
German officials initially disclosed only that the cyber attack caused “massive damage” to the foundry, according to SecurityIntelligence.com, but Rice said he has heard plant operators were locked out of the controls of a blast furnace, and it blew up.
He added that German officials didn’t disclose if anyone was injured in that cyber attack.
“This case is just one of the latest examples of Hollywood fears coming true through the Internet of Things,” SecurityIntelligence.com reported.
Since then, now famous data theft attacks on major businesses including Target, Sony Pictures and Merck pharmaceuticals have been mixed with reports of hackers going after hospitals and shutting down utilities and businesses, some for days at a time.
In late June of last year, a ransomware attack shut down the main terminal at the Port of Los Angeles for three days. The Danish shipping company that owned the terminal, A.P. Moller-Maersk, later told the Wall Street Journal that the attack would likely cost the company up to $300 million.
Earlier this year, the British government reported that hackers working for the Russian government were responsible for the global Petya Cyber Attack that had a wide range of targets that included Merck and FedEx. Petya also reportedly hit Princeton Community Hospital in West Virginia, which was forced to replace its corrupted computer network entirely, according to news reports.
Hancock Health in Indiana last year reportedly gave in to hackers’ demands and paid them $55,000 worth of bitcoin in order to regain access to about 1,400 patient files that had been encrypted by malware and made inaccessible.
Even ships are being targeted by hackers, with some losing navigation while navigating harbors, said Chris Buthe, manager of cyber physical security services for California Manufacturing
Technology Consulting in Torrance, who gave his own cyber security presentation at the Manufacturing Summit.
Hackers also have corrupted the data in manufacturing processes, forcing some items to be recalled, he added.
Some Valley manufacturers contacted declined to be interviewed about the threat of cyber attacks on their businesses, citing fears of being targeted by hackers.
Unfortunately, Buthe said, “You can have the best defense in the world. You can have the Pentagon’s defense. It can be penetrated,” for the simple fact that cyber attacks are evolving at a much faster rate than cyber defenses.
It has gotten so bad the Defense Department is requiring its contractors and sub contractors to show proof that they have installed sufficient levels of protective software in their own computer systems to reduce the chances of infecting the DOD systems with malware.