Bringing The World Home To You

© 2024 WUNC North Carolina Public Radio
120 Friday Center Dr
Chapel Hill, NC 27517
919.445.9150 | 800.962.9862
91.5 Chapel Hill 88.9 Manteo 90.9 Rocky Mount 91.1 Welcome 91.9 Fayetteville 90.5 Buxton 94.1 Lumberton 99.9 Southern Pines 89.9 Chadbourn
Play Live Radio
Next Up:
0:00
0:00
0:00 0:00
Available On Air Stations
Law

Ransomware Attacks Target Municipalities

Stock image of a hand against a screen of computer code.
Pixabay
Ransomware attacks halt government services by holding municipal data hostage.

The economic impact of ransomware attacks is expected to reach more than $11 billion in 2019, according to Cybersecurity Ventures. State and local governments are increasingly vulnerable, and North Carolina is not immune to this growing problem.

In March, the entire computer system of Orange County was attacked by a virus. The incident required officials to shutdown several public offices which paused services ranging from issuing marriage licenses to processing library cards. While these attacks may be alarming to everyday citizens, ransomware attackers are not interested in the personal data housed in government files. Their goal is instead to cripple daily activity enough to receive ransom in exchange for a key to unlock the data. Without that key, it is highly improbable anyone could recover encrypted data.

Host Frank Stasio talks with Jason deBruyn, WUNC’s data reporter, who hasinvestigated the cybersecurity attacks in North Carolina and what municipalities are doing to combat future threats. Cybersecurity expert Richard White joins the conversation to highlight the power dynamics at play: companies and government agencies are willing to pay hundreds of thousands of dollars to regain access to their data while attackers face very little risk. He will analyze what is at the root of ransomware and what can be done to curb the trend. White is a professor at the University of Maryland Global Campus and author of “Cybercrime: The Madness Behind the Methods” (CreateSpace Publishing/2018).

INTERVIEW HIGHLIGHTS

deBruyn on why small and mid-size cities are increasingly targeted:

Basically it’s because they’re these soft targets … Perhaps some of these larger cities and big companies have more sophisticated protections in place, but some of these smaller cities like a Holly Springs, Apex or Zebulon … They don’t have huge budgets. They’re not really equipped to withstand a massive attack potentially.

 

This is not unlike a kidnapping - Jason deBruyn

deBruyn on the on-going cost of protecting data:

The thing to note here is that storing massive amounts of data in two different places is not free. Even if you’re not paying the ransom, the cost of storing a backup somewhere else — be it in the cloud with Google, Amazon—  costs money. There is still a very real cost to the protection here. 

deBruyn on the history of attacks: 

In 2016, there was one attack. In 2017 [there was] one attack. 2018 four attacks. And already so far in 2019, there have been nine attacks … They are definitely on the rise.   

 White on the method cyber attackers are using: 

[Ransomware] is a weaponized version of a tool that cybersecurity professionals use to protect the confidentiality of data. The bad actors have now incorporated that into their tradecraft and are forcing us to either go without data, cripple the business or pay the ransom which a lot of times you don’t get the data anyway. 

White on why the attackers are difficult to find: 

With tour routing, it’s a very special type of routing that hides the sender from the destination and visa versa and puts the sender through many layers. And now, the form of payment being requested as the ransom is bitcoin. It's very difficult to track bitcoin once it leaves the ledger and moves into the underground. 

White on how the FBI may have caused an uptick in ransomware attacks:

In 2015 the FBI’s mantra was: We advise you contact us, but we advise you pay the ransom if you want a chance of getting your data back … In the last week, the FBI has waned on the “pay the ransom” [advice]. They are encouraging the commercial market as a whole to stand against ransomware and not pay the ransom. That being said … Once the FBI advised to pay the ransom in 2015, there was a several hundred percent markup in the type of, the virulence of and the frequency of ransomware.

 

Stay Connected
Dana is an award-winning producer who began as a personality at Rock 92. Once she started creating content for morning shows, she developed a love for producing. Dana has written and produced for local and syndicated commercial radio for over a decade. WUNC is her debut into public radio and she’s excited to tell deeper, richer stories.
Longtime NPR correspondent Frank Stasio was named permanent host of The State of Things in June 2006. A native of Buffalo, Frank has been in radio since the age of 19. He began his public radio career at WOI in Ames, Iowa, where he was a magazine show anchor and the station's News Director.
Related Content