Ransomware Q&A with Midland technology director

With ransomware attacks causing problems in the US and around the world, the Midland Business Alliance works to protect local businesses.

The Midland Information Technology Consortium (MITCON) is a wholly owned subsidiary of the MBA providing technology solutions to nonprofits and small businesses in Midland and the Great Lakes Bay region. That includes helping businesses with cybersecurity and threats, said Tracy Quinlan, MITCON’s executive director.

Ransomware is a form of malware that encrypts device files and renders them unusable, which usually results in perpetrators demanding ransom, according to the Cybersecurity and Infrastructure Security Agency website. Recently, Colonial Pipeline and meat processor JBS USA Holdings Inc. made headlines with ransomware attacks that lost Colonial millions of dollars.

The Midland Daily News Quinlan asked how MITCON is helping companies address these ransomware threats and what they should do to prevent them.

MDN: Did MITCON talk about the ransomware threat at all?

Quinlan: Whether ransomware or phishing attacks, our MITCON employees and customers regularly discuss potential threats.

Has a Midland company experienced a ransomware attack?

We are currently not aware of any local companies that have experienced a ransomware attack.

Which industries are most at risk from ransomware attacks in Midland?

I believe that every individual and company can be vulnerable to phishing and ransomware attacks. Cyber criminals do not discriminate whose data they steal, hold hostage, or receive money. Everyone who uses technology is a target.

What are companies doing to prepare for ransomware attacks? What does MITCON do?

At MITCON, we use firewalls, spam filters and malware software to detect and ward off threats. Cyber security audits are used to find and mitigate vulnerabilities before a security breach occurs. We are also looking for ways to educate our end users about best practices and identify potential phishing threats that can bypass a filter by themselves.

Are these audits supposed to test the security of local businesses?

These are audits performed by an outside cybersecurity auditor for the security of our network, but any company can also use a contract to test their company.

What are the risks for businesses and consumers if businesses are attacked?

There are many risks to businesses falling victim to an attack. Not only can the company’s data, funds, and account information be compromised, but customer information could also be compromised.

What should companies pay attention to when it comes to this topic?

  • Watch out for suspicious emails: Most ransomware attacks start with a phishing email, in which someone clicks a link and the infection starts. Regular security training can help employees avoid these security vulnerabilities and can be a first line defense against a possible breach.
  • Two-factor authentication and complex passwords are strongly recommended.
  • Back up your system regularly and save your data on a separate system that cannot be accessed over a network. Discuss the backup recovery plan with your IT professional.
  • Use an anti-malware security system to detect and block ransomware. Run regular scans on your devices to minimize and eliminate potential threats.
  • Firewalls reduce the likelihood of web-based malware downloads and prevent ransomware from connecting to servers.
  • Email spam filters scan and filter incoming and outgoing email to detect threats before they reach end users. An email security appliance can block attachments and restrict types of file extensions that can be delivered via email.
  • Update your hardware and software regularly, including all security patches. Your system will notify you when updates are available, or you can schedule them to run automatically when you are not using your computer.
  • Talk to your insurance agent to find out if your company needs cybersecurity insurance and what your liabilities are.