CELINA - The Cleveland FBI Office, which is aware of the cyberattack at Crown Equipment Corporation, said it aims to protect the public from and thwart perpetrators of cybercrime, which is on the rise nationally.
"FBI Cleveland is aware of the incident involving Crown Equipment" said spokesperson Eden Koeth. "While we cannot comment additionally on any specifics, the FBI routinely works with both public and private sectors regarding cyber threats in order to help them guard against the actions of cyber criminals."
The FBI, Koeth said, works with "our interagency partners to identify, pursue, and defeat all those who partake in cyber crime."
The cyber landscape today is threatened by a multitude of malicious actors who have the tools to conduct large-scale fraud schemes, hold money and data for ransom and endanger national security, according to the FBI's 2023 Internet Crime Report.
Profit-driven cybercriminals and nation-state adversaries alike have the capability to paralyze entire school systems, police departments, healthcare facilities and individual private sector entities, the report states.
For instance, the Change Healthcare cyberattack that disrupted health care systems nationwide earlier this year started when hackers entered a server that lacked a basic form of security: multifactor authentication.
"In 2023, IC3 (Internet Crime Complaint Center) received a record number of complaints from the American public: 880,418 complaints were registered, with potential losses exceeding $12.5 billion," the report reads. "This is a nearly 10% increase in complaints received, and it represents a 22% increase in losses suffered, compared to 2022."
Cyberattacks on businesses are rising, including small businesses. It's a troubling trend because a breach can be very costly and time consuming if owners don't have a plan to deal with one.
According to the Verizon 2023 Data Breach Investigations Report, the median cost per ransomware attack - which features a type of malicious software designed to block access to a computer system until a sum of money is paid - more than doubled over the past two years to $26,000.
That's partly because there has been a dramatic increase in ransomware attacks, which represent 24% of all breaches.
"That could be disabling a program that's used daily, disabling access to information that's used daily, since pretty much any businesses, especially big companies, are so intertwined with technology," said Sam Blank, an Auglaize County Sheriff's Office deputy who specializes in cyber security. "If those databases or systems are disabled, it really kind of devastates the normal day-to-day process."
The FBI has observed cyber criminals using email phishing campaigns, remote desktop protocol (RDP) vulnerabilities and software vulnerabilities to infect computer systems with ransomeware, per an FBI public service announcement.
Cyber criminals may send an email containing a malicious file or link, which deploys malware when clicked by a recipient.
"Probably one of the biggest things to do is don't open an attachment (from) any email that you don't trust or don't know," said Celina Police Chief Tom Wale.
"If somebody (were to) see something suspicious … don't click on anything," Blank stressed. "I would say a healthy dose of suspicion to anything that you get because unfortunately you just don't know what angle these hackers are going to take."
Hackers attempting to infiltrate computer systems many be pursuing any number of angles.
"It could (be that) primarily their main focus and goal is money, that could be one angle," Blank said. "But also they could exploit somebody's personal information."
Large amounts of information criminally extracted can be exploited down the line.
"If they have access to personal information, social security numbers and all that stuff, of course that stuff can be used in the future and exploited, sold on the black market for a slew of deviant purposes," Blank added.
Cybercriminals also have used trial-and-error technique to obtain user credentials and credentials purchased on the darknet to gain unauthorized RDP access to victim systems, deploying a range of malware, per the announcement.
They may seek to take advantage of security weaknesses in widely used software programs to gain control of victim systems and deploy ransomware.
The FBI, per the announcement, does not advocate paying a ransom, saying it doesn't guarantee the victim will regain access to data. It also emboldens hackers to target other organizations.
Wale echoed those sentiments, adding that many sophisticated attacks originate overseas and are very hard to trace.
Still, businesses faced with an inability to function will evaluate all options to protect shareholders, employees and customers, a fact the FBI said it understands.
Small businesses should first have a plan in place to prevent cyberattacks. The human element is the cause of 74% of breaches, so owners should make sure all of their employees use safeguards such as two-factor identification to make it harder to be hacked. Requiring employees to regularly change their passwords can also help.
Moreover, the FBI said the most important defense for any organization against ransomware "is a robust system of backups."
"Having a recent backup to restore from could prevent a ransomware attack from crippling your organization," the announcement reads. "The time to invest in backups and other cyber defenses is before an attacker strikes, not afterward when it may be too late."
If a business has been breached, it's best to work with a cybersecurity executive within the company or a trusted third party to assess what happened and the damage done.
"Reach out to your supervisors, reach out to IT administrators and ask for their advice … if there's anything that you should specifically do," Blank said. "They may be aware of certain areas or certain programs or whatever that may be hacked. Maybe it doesn't have anything to do with where payroll might be, somewhere separate than other systems."
Trying to contain it without having the right technical knowledge can just make things worse.
"If you do think you've been hacked, disconnect from any network you think you might be on, shut your system down and contact a good IT guy," Wale said.
It's also important to let the authorities know what happened. Attacks must be reported to federal authorities within 72 hours after a company is reasonably sure one has occurred.
- Reporters Erin Gardner, Abigail Miller and William Kincaid and the Associated Press contributed to this article.