You may have noticed the U.S. has been on the wrong end of recent cyberattacks.
A report titled America's Data Held Hostage by the Senate Committee on Homeland Security found attempted ransomware attacks hit record levels in 2021. The U.S. was targeted the most with nearly 422 (421.5) million attempts, a 98% increase from 2020.
Cybercriminals are grabbing hold of U.S. systems with a common tactic known as phishing.
That’s when scammers try to get you to share personal information by disguising themselves as a credible person in a text, email, or phone call.
You may have also heard the word “ransomware”. It’s a program that hackers use to hold digital information hostage until they receive a specified payment. It’s become the top choice of malware for criminals in recent years.
And it’s becoming a business.
According to the White House, ransomware payments reached over $400 million globally in 2020.
Last may, a ransomware attack on Colonial Pipeline forced the company to shut down for nearly a week.
And it caused gasoline shortages and price hikes across several southeastern states.
That ransom cost the company nearly $5 million to hackers in order to regain access.
A Russian group called Darkside was blamed for that attack.
Months later, JBS, the world’s largest meat producer, also announced it too was targeted by a cybersecurity attack.
You may have heard or even felt the impact of these hacks.
Yet others often go unreported. According to a 2016 FBI report, only 15% of Americans report internet crimes to law enforcement.
Many of these hacks happen to everyday businesses like hospitals.
Just think of all the personal and private information you typically share with your doctor, which ends up being stored electronically.
When it comes to identifying the culprits for these attacks, Russian cybercriminals have established a reputation for cyber crimes.
Those attacks and Russia’s invasion of Ukraine caused President Biden to issue a warning in march to all major U.S. companies.
Many American businesses haven’t implemented tougher cybersecurity systems, mostly because they’ve never legally had to.
And that’s concerning to the Biden administration, as most of our major infrastructure is not run by the government.
But that’s changing soon.
In March, President Biden signed a bill into law that will legally require critical infrastructure businesses to report cyber attacks to the government within 72 hours.
Cybersecurity experts say it’s also costly for companies to up their IT security. And it’s proving difficult to find businesses that do, leaving critical offices vulnerable to attacks.
The Biden administration also announced it removed malware from computer networks around the world, in an attempt to stop any attempted attack, before it is too late.
Even with increased federal action, lawmakers say the threat for another major attack remains a top concern.