One compromised username and password. That's how hackers from the cybercriminal group DarkSide gained access to Colonial Pipeline's servers in April, prompting the shutdown of 5,500 miles of pipes that move 2.5 million barrels of gasoline each day between Texas and the Eastern Seaboard.
It's the largest cyberattack on record. At least for now. Cybercriminals are employing more elaborate schemes to convert technology into tools of digital extortion, according to Acting U.S. Attorney for the Northern District of California Stephanie Hinds, who helped recover a portion of the $5 million ransom Colonial Pipeline paid the hackers to regain access to its servers and restart the flow of gasoline.
The DarkSide group is one of more than 100 ransomware variants being investigated by the FBI, which has identified more than 90 victims across multiple critical infrastructures, including health care.
Ransomware is a type of malware that infects computer systems to restrict access to the infected servers or extract data. Cybercriminals often hold control of networks and valuable information hostage, and demand exorbitant ransoms to hand them over.
They have healthcare facilities in their crosshairs and have become more brazen in their attempts to infiltrate computer networks to steal patient information, access electronic health records and even gain control over computerized medical devices.
Healthcare institutions are being targeted because cybercriminals know shutting down their computer systems could jeopardize patient lives, making it more likely for the victims to pay ransoms to get networks back online. They can also use stolen patient information to social engineer their way into personal bank accounts.
Brett Johnson, one of America's most wanted cybercriminals turned FBI informant, knows how the seedy underbelly of the internet operates. Mr. Johnson, whom the Secret Service dubbed the "Original Internet Godfather," laid the foundation for the way organized cybercrime channels still operate. In this month's cover story, he warns of imminent threats to your facility's software systems. Being the victim of a cyberattack is a matter of when, not if.
Cybercriminals aren't necessarily computer masterminds or hoodie-wearing hoodlums hunched over keyboards in their mother's basement. Mr. Johnson says they're often personable individuals and excellent social engineers who target people, the weakest link in technological defenses. They send phishing emails, trying to trick unsuspecting individuals into giving them private data or installing malware on their company's computer network. One distracted click on a link or document sent from an apparent trusted source could give hackers the access they need to steal private information or shut down entire organizations.
A couple years ago, AORN's leadership had the foresight to recognize the increasing danger cyber threats posed and took steps to bolster the company's firewall. Every employee must complete annual cybersecurity training and is always on alert for fake phishing emails sent out as clickbait by the IT department. The tests have made us more vigilant — or is it paranoid? I'm nervous to click on links I've forwarded to myself — and that's a good thing.
Mr. Johnson says preventing cyberattacks requires self-awareness from individuals like you and me, especially as cybercriminals are becoming more creative and cunning in their efforts to infiltrate computer networks.
Each of us has a responsibility to protect our organizations from the thieves who troll the internet in search of their next victims. Together we can create an impenetrable cybersecurity chain. OSM