Governments are now falling victim to ransomware attacks just as thousands of corporations, small businesses, nonprofits and other entities, like hospitals, have worldwide.
An employee of the Mecklenburg County government on Monday received an email routed from another employee's account and opened it and a malicious attachment, infecting the county's network. Hackers set a deadline of 1 p.m. Wednesday for officials to pay a ransom of about $23,000 but the deadline passed and it was not known whether a ransom was paid. The computers remained down.
"What makes this more dangerous is that hackers are now evolving different ways of getting inside the government network and employees can be the weakest link," Bob Noel, director of strategic relationships and marketing for Plixer, a Kennebunk, Maine, firm, said in a statement.
"In these sophisticated attempts, it is hard, if not impossible, for government employees to recognize a phishing email as the spoofing is so professional," Noel added.
Ransomware attacks have become a global phenomenon. In at least two major waves of attacks this year, tens of thousands of infected computers in at least 150 countries displayed a message saying the hard drives had been frozen and would only be decrypted if a bitcoin ransom was paid.
Major corporations suffering large losses in the May and June attacks included the U.S. pharmaceutical giant Merck, the FedEx logistics and package delivery firm, and Danish shipping line Maersk.
Global ransomware damage is likely to rise from $5 billion this year to $11.5 billion in 2019, the Menlo Park, California, firm Cybersecurity Ventures said in a report last month.
Spoofing emails take many forms, including what appear to be requests from within a corporation to transfer money to an outside account to pay bills.
While some hackers use stolen personal identifying information to try to hack anyone, then penetrate into their workplace networks, few have targeted governments.
"A ransomware attacks relies on the victim being able to make a quick payment. Most government agencies would not have the capability of making a quick payment even if they wanted to," said John Gunn, chief marketing officer at VASCO, an Oakbrook Terrace, Illinois, cybersecurity firm.
Moreover, Gunn said, "ransomware works best against victims that want to avoid a disruption of their business and the economic losses associated with losing customers. Government agencies generally don't lose customers regardless of the level of service provided."
One security researcher said ordinary citizens should not feel bad if they get taken in.
"Even the best of us can be fooled by a specially crafted phishing campaign," said Travis Smith, principal security researcher at Tripwire, a software company with headquarters in Portland, Oregon. "The next step is to ensure updates are installed in a timely manner, as malware often takes advantages of known vulnerabilities."
(c)2017 McClatchy Washington Bureau
Visit the McClatchy Washington Bureau at www.mcclatchydc.com
Distributed by Tribune Content Agency, LLC.