Village of Menomonee Falls - Investigators from the Menomonee Falls Police Department said this is the first year cyber ransoming has been reported by local businesses.
Detective Barry Babler, who investigates cyber crimes, said what typically happens is businesses turn on their computers in the morning and find they have been locked out of their system overnight. The computer will then begin writing messages to them on the notepad demanding a ransom to be paid in Bitcoin, a universal, virtual currency that is most widely know for its use on the black market -- and it is virtually untraceable.
How it happens
Typically, hackers write programs that crawl the internet looking for vulnerabilities. A common area of weakness in business computers actually stems from the all-in-one printer systems, according to Babler.
“When Cannon (or another maker) puts out one of those, it comes with the generic login and generic password, so even though someone’s system can be totally secure with their own firewall and their own security system, what happens is someone can gain access to their system if they have the password to get to manipulate into the printer, so that’s how they mole into their system. They send out that ransomware and lock up their computers,” Babler said. “That’s how I’ve seen it happen a couple of times.”
The most recent case of cyber ransoming in Menomonee Falls was in October at the Wood Specialties Company, located on Garwin Mace Drive. Hackers got into their system, locked it down and demanded eight Bitcoin, which is equivalent to approximately $5,672.
Lieutenant Jeff Knope is not sure what the outcome was for this company, and they did not respond to requests for an interview, but he said generally, there is little to nothing local police departments can do because the crime is typically done outside the United States.
“It’s up to the company to decide how to handle the matter,” Knope said. “If you have IT personnel that think they can address the problem and rectify the taking over of their system, they’ll do that, but in other cases, believe it or not, when they pay the ransom, it will restore your services. Very often the hackers follow through.”
What you can do
There are important steps people can take to prevent these crimes from happening on their personal computers, or to make the issue less serious if it does happen, Babler said.
Identify vulnerabilities: “You have to be aware of where all of your possible entry points into your system are and make sure those are all secure," Babler said. "Obviously, a good firewall is the first thing. You need to know where your vulnerabilities are."
Create challenging passwords: “They say the best password should be 16 characters long,” Babler said. “It should be a combination of letters, numbers, symbols and it should not have any two of the same characters in a row. It should alternate or have different capital and lowercase letters and it should not be a phrase.”
Back up your files: “It’s very important for people to always have a backup," Babler said. "You want to back up your hard drive, and you can do it very inexpensively.”
While there’s virtually nothing local police departments can do about this type of cyber crime, there’s a reason you should still report it.
“By all means, people can report it to us," Babler said. "There’s really not going to be much we can do with that, but generally, we’re going to refer them to IC3.gov (the FBI’s Internet Crime Complaint Center). That has good tips about what to do.”
Through this national reporting center, the federal government is tracking where these crimes are happening in an attempt to prosecute hackers internationally.
For more tips on how to prevent cyber attacks, visit the Department of Homeland Security’s website at www.dhs.gov and click on the cybersecurity tab.