Cyber security experts have issued warnings Monday on internet safety after a Lubbock business was apparently attacked by hackers.
The computer systems at Caprock Business Forms were non-operational Friday, following the attack, which was triggered by a suspicious email opened by an employee, according to staff.
“We’ve got a really good IT guy and our software people have been able to help us through quite a bit of it too,” said Caprock Business Forms personnel manager Jon Jones. “So far, with his help and our software people, we have been able to get everything back. Although we still have one issue right now, … we have not had to pay the ransom.”
“I’ve heard that there has been a couple other people that have been hit in town,” Jones said.
“Frustrated, and ticked off… To think that people can come in and pretty much just block you out of your work because they want some of your money,” he added.
Sam Segran, Texas Tech’s Associate Vice President for Information Technology and Chief Information Officer, listed a series of important steps to protect information from hackers.
“Bad guys are ultimately trying to get a program, their programs, on the computer,” he said. “Minimum what folks should do, they should do three things. They should make sure their system ID is changed, they should make sure the default password is changed, and they should make sure that they turn the encryption on.”
He recommended people update software, install anti-virus programs, and monitor online activity.
“Treat your password like a toothbrush. Change it frequently – don’t share it,” Segran said.
For people who believe they have become victims of hackers, Segran suggested to “get professional help first. Immediately get it off the network, turn off the computer, and get professional help.”
Lubbock Police said computer crimes can be particularly difficult to solve.
“We’re talking about somebody that would be overseas, or another state, even another country. So those are very difficult for us to investigate,” Lieutenant Ray Mendoza said. “We work very closely with the FBI and try to come to a conclusion on any of these cases. What the difficulty is, is as soon as they send that money, you’re probably not going to get it back.”
Terry Duvall, owner of Duvall Technology and IT Specialist for Caprock Business Forms said he was able to remove the “ransomware” and recover data with the exception of two hours prior to the hack.
“Ongoing there will be some retraining of employees and upgrades to some backup and recovery software along with operating systems,” Duvall said Monday morning.
“Make sure your backups are current, make sure that you have employee awareness. Don’t open things that probably look suspect, things like that,” Duvall advised Friday.
“We would never recommend that you actually pay the cash,” said Mendoza. “We recommend is if you find yourself in that situation, that you unplug the computer and take it to a professional, and hopefully they can have it removed.”
“Ultimately, it’s up to the person, because it depends how bad, how badly do they need the data. It really depends. If it depends on the success of the business, or the business is going to cave under, it’s up to them to decide what is the value of that data,” Segran explained.
“The thing to remember though is just because you paid them and got your data back, doesn’t mean that they won’t be back because their program could still be on your system. And 6 months later, a year later, 2 years later, they might come back and say ‘Here we go again,'” Segran said.
“If you don’t know who that email is from don’t open it. Dump it. Get rid of it,” Jones said. “Luckily, we were able to get past it, for now.”
