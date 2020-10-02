Local leaders are worried about malicious phishing and are taking steps to protect Walla Walla County resources.
Although “phishing” may remind you of lazy days spent along a river bank, this word signifies anything but that. Phishing is actually a technique hackers use to get people to reveal their personal information, such as email addresses, passwords and credit card numbers.
Clicking on links or attachments in a phishing email may open a computer to hackers, and if that computer is linked to a larger network, that careless click can expose everyone.
Anything on the Walla Walla County network, from finances and other sensitive information to personal email conversations, could potentially become available to the hackers.
Since mid-September, Washington state agencies have been subjected to a continuous barrage of phishing, based on malware known as Emotet and TrickBot, according to news sources. These two pieces of malware are considered among the most dangerous cyber threats in the world today.
Highlighting the severity of the situation in a commissioners’ meeting this week, Chad Goodhue, Walla Walla County’s manager of information technology, said that experts measure security based on probability and impact.
“Right now, our number one security concern is phishing emails, hands down. And that would be represented by an extremely high probability and a high impact.”
In a recent test of county employees to see how many would fall prey to a phishing attack, a significant number failed, Goodhue said. More work to ensure the county’s computer systems are secure is needed, commissioners agreed.
Last week, Gov. Jay Inslee held a press conference about the statewide cyber attack in which he said that hackers have been able to access computers at multiple state agencies.
According to an extensive report by Bloomberg News, so far the attack has not significantly affected state operations but has served to reveal flaws in the state’s security measures.
And apparently these attacks so far have not included ransomware, a type of malware that locks users out of their computers or files, allowing hackers to demand a ransom to regain access.
That these attacks are occurring so close to the elections has raised concerns about whether the state’s election data is being targeted at a time when accuracy and speed are vital.
But Secretary of State Kim Wyman’s office tweeted recently that it has “no reason at this time to believe this is targeted at elections.”
The state is reportedly getting help in fighting this attack from the U.S. Department of Homeland Security, the FBI and Microsoft.
In planning the protections necessary here in Walla Walla County, Goodhue and his staff have made many changes to internal security systems and plan to take additional measures.
They have also been administering a “phishing test” to county staff by sending them emails that looked innocuous but are meant to emulate phishing emails. To Goodhue’s dismay, approximately one-third of the staff who received these emails clicked on them.
That’s mostly because hackers are clever, and phishing emails closely resemble legitimate messages. One clue is that they usually come with attachments. It’s clicking on the attachment that can infect the computer.
Some phishing emails may simply have a link embedded in the message. Clicking that link can also let hackers into the system.
As Goodhue explained to the Walla Walla County commissioners in this week’s regular meeting, “Washington state is under a cyber attack, and the payload consists of two separate pieces of malware. One is Emotet, the other is TrickBot, and both are harbingers of the Four Horsemen of the Apocalypse.
“If they’re not detected immediately they spread laterally, like a cancer, and they gather user names, they gather passwords, they harvest your email credentials, and it doesn’t matter whether you’re a network administrator or an administrative clerk in an office, if anybody clicks on it, we’re done.”
Emotet, in particular, is known for its ability to send emails from within a system, perfectly mimicking an internal email from a work colleague or friend. Both Emotet and TrickBot are linked to Russian hacker groups.
The commissioners expressed alarm, suggested training for staff to help them recognize potential phishing emails, and praised Goodhue for his extensive efforts to protect county resources.
Asked what Union-Bulletin readers should look out for to avoid phishing scams, Goodhue responded, “Readers in general should be wary of anything that attempts to get them to follow a link or open an attachment, whether at work or at home. With so many people working remotely sometimes those lines can get blurred.”
He continued, saying, “ Additionally, I would tell readers to make sure the email address is the same as the purported name, meaning just because something says it’s from Amazon doesn’t mean that the sending email address is really from Amazon.”
Because such malware may have been set with a delayed payload, Washingtonians should continue to be vigilant and practice good computing hygiene, officials have said. These things are especially critical leading up to the election.
“A healthy amount of paranoia around email is probably a good thing right now and well into the foreseeable future,” Goodhue said.
