• Attacks against JBS, and energy company Colonial Pipeline caused major supply chain issues.
• High-profile digital strikes should serve as reminders to be vigilant for anyone with mobile devices.
• A Reddit post chronicles how a hacking alert from an adult website gave the author time to contact all financial institutions.
• Even if transactional data is encoded, that doesn’t prevent a hack.

Recent ransomware attacks against U.S. food processor JBS, and energy company Colonial Pipeline caused major supply chain issues and flash price hikes due to resulting food and fuel shortages.

Necessary computer files and servers for both companies were rendered useless due to malicious encryption software that hackers loaded onto the systems.

Within days, both companies gave in, and paid the bad actors millions in Bitcoin for the decryption software needed to access their respective mission-critical files.

Experts Propose Vigilance

Such attacks are becoming more common.

According to a recent report from Chainalysis, the incidence of ransomware attacks increased more than 300% in 2020 compared to the previous year.

These high-profile digital strikes should serve as reminders to be vigilant for anyone with mobile devices, home-based routers, and laptops that access the web including password-protected accounts, especially for retail cryptocurrency investors.

“There is no stopping a malicious actor from getting access to a device or account. They will always find a way, so the question is – what can you do to slow them down or throw enough obstacles in their path to go somewhere else,” said cybersecurity expert and consultant, Michael Spurgeon whose credentials include 26 years combined experience with the technology and cybersecurity sector with the following certifications: CISSP, MCITP, CCNA, CISA – among others.

One Lucky Redditor

According to Spurgeon, one of the easiest ways to protect your various accounts is by setting the highest level of warning alerts for suspicious activities at the various online portals you use – whether they are crypto exchanges, online digital wallets, trading websites, bank accounts – or even adult websites.

This recent, and unusual, Reddit post titled “Pornhub just saved a lot of my crypto” chronicles how an early warning hacking alert from an adult web site gave the Redditor time to contact all financial institutions and crypto accounts to block further fraudulent access.

This specific Redditor was extremely lucky because Spurgeon says adult websites are prime targets for cyberattack.

“That type of website has credit card information, client names, phone numbers, addresses, download details – it’s potentially controversial and embarrassing if those details go public – that makes it more valuable to cybercriminals. Most sites in general – including adult sites – don’t do enough to protect data,” he said.

No One Is Safe

Specific to cryptocurrencies, Spurgeon noted that the “crypto” in cryptocurrency stands for cryptography, which is a way to protect information using asymmetric encryption by creating one software key to encode data and a different software key to decode it.

But even if transactional data is encoded, that doesn’t prevent a hack on a web account or device. Retail crypto-investors need to protect themselves by storing their digital assets offline in “cold” wallets, while also securing their seed phrases and private keys to their crypto exchanges offline, not on any devices. He’s also an advocate of two-step verification and multi-factor authentication.

“There are so many scenarios that can play out, no single industry has the championship belt in cybersecurity protection.

Right now, large banks have the most reliable systems in place. Because not only do they get alerts from public networks, they also get alerts from law enforcement and the FBI which enables them to notify the appropriate financial institution about any indicators of compromise, so the bank can then alert the consumer quickly,” said Spurgeon.

Preemptive Measures Advised

According to Spurgeon, the sooner you know your device or account is under attack, the sooner you can take the necessary steps to neutralize the threat and keep it from spreading elsewhere.

If your windows device is compromised, he says re-installing the operating system usually removes the threat, but you’ll want to work with the device’s technical support team to be sure.

“Generally speaking, some telltale signs that your device may have been compromised are system slowness, unusual patterns appearing on the screen, random screen flickering, or frequent freezing up of the device so it doesn’t work. These are possible indicators that your device may have been hacked,” said Spurgeon, “but your device might not show any of those signals and could still be compromised. It’s good to run a regular security scan using a trusted app to be sure.”

Two of the cybersecurity tools he recommends that have options for businesses and individuals are TrendMicro and Cylance. Protect yourself and your assets, the next cyberattack could be coming to a device near you.

On the Flipside

• No system is 100% secure. The same way retail investors must DYOR as they evaluate cryptocurrencies, the same applies when trying to keep that investment safe – do your own research.