FBI Agents: How to protect against sophisticated malware

Published: May. 19, 2023 at 2:54 PM EDT

ROANOKE, Va. (WDBJ) - Earlier this week, Franklin County Public Schools had to close because of a ransomware attack.

Three weeks ago, Bluefield University was the victim of an attack that is still affecting some operations.

This time two years ago, our region was dealing with the effects of a cyber attack against the Colonial Pipeline.

As our online networks get more sophisticated, so do the bad guys.

“You know malware and technology is constantly evolving,” said Special Agent Christopher Cope with FBI Richmond’s Cyber Squad.

He says ransomware is prolific. Not only can attackers hold your network hostage, but now they also can more readily exploit your personal information.

And they can do it fast.

“No sooner is a vulnerability identified through, say, Microsoft and a notification is made, actors are already looking to exploit those vulnerabilities,” Cope said. “You’re talking within minutes or hours of the vulnerability being released publicly.”

How do they do it?

Cope said bad actors can now pay a service to do the dirty work of ransomware for them.

“They’ll pay a fee or they’ll pay a commission toward whatever money is collected off the proceeds from the ransomware activity,” he said.

It often begins like an infection. Malware hidden in an emailed link or document can be released when the link is clicked or the document is opened, seizing up the network.

Cope said they’ve identified many bad actors abroad, particularly from Russia and Ukraine.

“If we’re able to identify the developers, we’re able to indict them and put out a written notice as well,” he said. “So, if they do travel, it makes it more difficult for them to travel as well.”

So how can your business or institution make sure you’re protected?

Cope offers these tips:

  • Train your team to identify signs of exploitation.
  • Have a robust patch policy to repair your network’s vulnerable spaces.
  • Have an offline backup.
  • And, if you do have a problem, report it. You could help protect someone else.

“The FBI cannot investigate what we don’t know,” he said. “You always feel a responsibility for protecting the public, and when they fall victim you want to try to provide more.”

Cope said they know cyber attacks are underreported.

That’s partly because cyber security insurance is a major practice, which can help with speedy recovery.

Agencies like the FBI and Homeland Security can help with recovery.

But given how difficult it can be, they stress prevention and education.

NOTE: A previous version of this story incorrectly stated that the Colonial Pipeline hack happened in 2022, not 2021.