Cyber security hacking impacting central Wis. companies too

RIB MOUNTAIN, Wis. (WSAW) - From food to energy, cyberattacks, specifically ransomware attacks, are hitting all kinds of industries critical to the country’s infrastructure and it is happening in central Wisconsin too.

“It can be a serious threat to your business and your employees and they can shut a business down,” Andrew Hale, The Dirks Group business development executive said.

The Dirks Group provides network infrastructure and security for organizations and businesses in central Wisconsin. Hale said in the last few months four businesses have fallen victim to ransomware attacks.

“They want money to fund their organization. So, they will, one, hold you at ransom for a certain amount of money, usually in a Bitcoin transaction or something of that sort. They will also threaten you with the shame of putting your information on the dark web,” Hale explained.

He said the cybercriminals are looking to disrupt a business and make them feel the impact. For small businesses, he said it is typical that they will face as low as a $10,000 ransom, and larger companies can expect $200,000-500,000 to get their information back. For companies under The Dirks Group security, they work with a separate company to communicate with the cybercriminals to try to reduce the ransom or exploit the criminal organization’s weaknesses, but their primary goal is to get the information back and the network secured.

“There’s (sic) multiple ways for them to get in. A lot of it is guessing a password or hacking a password,” he said. “So, you never want to use something that is your pet’s name or it needs to have more complexity. So that’s one way. Another way that they can get in through vulnerabilities is not keeping your Windows and Microsoft patching up to date.”

Layered security is necessary, Hale said. That way if hackers can make it through one level, another can stop it. That includes employee training and education so they know how to spot phishing emails, create complex, unique passwords, and thinking before clicking. When receiving an email from someone you know that asks for money, check the email address to ensure the characters are completely correct and contact that person to double-check if they sent the email.

Here is what The Dirks Group recommends:

- Employee security awareness training

- Firewall

- Multifactor authentication

- Email filter

- Password policy that includes pass-phrases with upper and lower case letters, numbers, and special characters to create complex passwords

- Up-to-date antivirus software that uses artificial intelligence

- Off-site backup systems

- Cybersecurity insurance in case a hack does occur and the company has to pay

The Dirks Group was able to get back the information stolen from the four companies in central Wisconsin and get them secure, however, payment to this often necessary because Hale said it is really hard to identify hackers and law enforcement has a difficult time retrieving the payment.

“Ransomware and digital extortion pose a national security and an economic security threat to the United States,” Lisa Monaco, the deputy attorney general said in a press conference in Washington D.C. this week.

She said ransomware can even take out whole cities. The U.S. Department of Justice now has a ransomware and digital enforcement taskforce and was recently able to recover millions of dollars in Bitcoin an oil company paid hackers after it was attacked.

Hale said for central Wisconsin, manufacturing is a target given its importance to the national infrastructure.

“It’s much more serious and the attackers are much more serious than they were before.”

For more cybersecurity tips from the Cybersecurity & Infrastructure Security Agency, click here. To learn more about personal privacy protection online, click here.

Copyright 2021 WSAW. All rights reserved.