Companies are easy marks for ransomware attacks because most opt not to equip their systems with technology that’s available to prevent them.
Had Colonial Pipeline done so, the gasoline transporter would have avoided the ransomware attack that shut down its operations in May, causing the firm to pay Russian hackers ransom of $4.4 million, Frank Abagnale argues in an interview with ThinkAdvisor.
A cybersecurity and fraud-prevention expert for nearly 50 years, the security consultant is, however, best known for posing in his youth as an airline pilot, physician, lawyer and more while cashing $2.5 million in forged checks, as portrayed by Leonardo DiCaprio in Steven Spielberg’s film “Catch Me If You Can.”
After his release from prison, he became a consultant to the FBI, a relationship that continues today.
Clients of his Abagnale & Associates include Bank of America, Experian, Goldman Sachs, Morgan Stanley, and the tech platforms Intuit and Trusona.
In the interview, he stresses that cryptocurrency continues as an enabler of ransomware attacks and predicts that they will indeed increase further, especially the more vicious attacks that disrupt operations of a company, institution or government.
“We’re just scratching the surface,” says Abagnale, co-host of the AARP podcast “The Perfect Scam.”
Since 2018, there has been an increase of about 150% in ransomware and extortion claims in the U.S. — and that’s just the cases that are reported, he notes.
Ransomware attacks rose more than 150% in 2020, and the average ransom demand doubled, according to Group-IB, an Interpol partner.
On June 3, the U.S. government said it would use protocols to deal with ransomware attacks that are similar to those it employs to fight terrorism.
Financial services firms are a popular target of ransomware attacks.
Abagnale, based in Washington, D.C., discusses the repercussions to advisory clients and what firms can do to protect against such assaults.
He also talks about ransom-payment insurance claims and recommends that President Joe Biden get tough with Russian President Vladimir Putin about ransomware attacks, most of which are perpetrated by hacking groups in Russia.
Last week the Justice Department recovered $2.3 million of the $4.4 million in Bitcoin that Colonial paid to DarkSide, a Russian hacking group.
A week earlier, JBS Meat Holdings, the world’s biggest meat company, paid ransom of $11 million in Bitcoin to hackers.
Abagnale thinks that ransom should never be paid.
“Are you that naïve to believe that they haven’t kept a copy of your information and that it won’t be resold?” he says. “You’re dealing with criminals!”
ThinkAdvisor interviewed Abagnale by phone on June 8. In time, the conversation turned to his personal life.
That depiction of him on screen and in a Broadway musical, both based on his co-written autobiography, was a glammed-up version and far from “a biographical documentary,” he insists.
About a new book, “The Greatest Hoax on Earth,” which seeks to disprove his criminal exploits as they have been portrayed, he said: “I do not feel it worthy of a comment.”
Hera are excerpts of our interview:
THINKADVISOR: On May 6, Colonial Pipeline was the victim of a ransomware attack that for several days shut down its gasoline transport business, which supplies half the East Coast. They said their “cyber defenses were compromised ahead of the attack,” and that they had no plan. Your thoughts?
FRANK ABAGNALE: The criminals stole all their passwords. That enabled them to get into the system. We have to get rid of passwords. We have the technology to go without them, but it’s a slow process to get people to change. If Colonial Pipeline had that technology in place, the ransomware attack wouldn’t have occurred.
Criminals are never looking for challenges. They’re looking for opportunities. They go after companies that have the least challenges to keep them from getting in.
Cryptocurrency enables ransomware attacks. We can live in a world with cryptocurrency or a world without ransomware. But we can’t have both.
So, then, companies aren’t doing enough to avoid such attacks?
If you make it easy for someone to steal from you, chances are they will. These criminals know no one will arrest them and put them in jail, because they’re thousands of miles away.
We can’t track them down, arrest and convict them and send them to prison, because it’s some guy sitting in Russia, China or India.
Why don’t businesses do more to protect themselves and their customers?
They have the attitude “It can’t happen to me” or “I don’t want to spend the money to put that security into our system.”
We have technology to protect companies from ransomware attacks. But if you don’t use it, you’re just waiting for someone to victimize you.
Financial services firms are popular targets of ransomware attacks. What’s the impact on clients?
Once they steal your data, if the firm doesn’t pay the ransom, that data is out there; and clients’ personal banking and other information gets sold down the line.
Before you know it, somebody is getting into your bank account or doing something in your name.
In general, do you think companies should pay ransom?
I believe you should never pay ransom. I know why some companies do. But you need to understand that [the attackers] are probably not giving you back everything they told you they were.
Are you that naïve to believe that they haven’t kept a copy of your information and that it won’t be resold? You’re dealing with criminals! If you pay ransom, you’re just encouraging more of that.
Does the FBI think that ransom should be paid?
No, though in the case of Colonial Pipeline, [transporting gasoline to] the Eastern Seaboard was disrupted; and they were saying it’s worth $4 million to make sure this problem goes away.
The government said on June 3 that it will use similar protocols to deal with ransomware as they use in fighting terrorism. Do you consider ransomware attacks terrorist attacks?
Yes. If it’s attacking your operations and shutting you down, and affecting millions of people, it’s a terrorist act.
We always knew they would attack the electric grid, the banking system — things that disrupt people’s lives. We’ve seen that now with Colonial.
About $412 million in ransom was paid in 2020, according to Chainalysis, a blockchain research and services company. Will ransomware attacks occur more frequently in the future?
We’re just scratching the surface. It’s a very serious problem and a very easy crime. We’re going to see much more of it.
Since 2018, there’s been about a 150% increase in ransomware and extortion claims.
But many cases never get reported to law enforcement or the media because companies don’t want people to know they’ve been attacked and had to pay ransom.
However, now you’re going to see more attacks where they’ll disrupt operations. That’s more powerful than stealing customer data: The company is losing millions and millions of dollars a day.
So when the criminals say, ‘Pay me $3 million,” what’s that compared to the $20 million a day they’re losing?
What’s the chief reason ransomware attacks will continue to rise?
It will get worse because it’s such easy money to get — and look how much they can make!