SIOUX FALLS, S.D. (KELO) – Cyber criminals can target any person or company, including South Dakota’s largest employer. Wednesday, Bill Gassen, the president and CEO of Sanford Health, said the company is investigating an attempted cyber security incident.
From a major U.S. fuel pipeline to the world’s largest meat processing plant — and now Sanford Health — this summer we’ve seen that cyber attacks at businesses of all sizes.
“We kind of start off, right, with a pretty common, you know, phishing or spear-phishing type attacks where, you know, it’s coming through an email, it looks like it’s legit,” Rob Honomichl, assistant professor of computer and cyber sciences at DSU, said. “You know, you click on something, it asks you to login using your username and password. And now they’ve got that information.”
You should also beware of ransomware attacks.
“In a ransomware attack, they might encrypt it, but they don’t actually have the information,” Honomichl said. “They’re just keeping you from your own information until you pay, you know, the ransom. And that’s what we saw with the pipeline and the meat producers a couple months ago.”
Attackers will ask for the ransom in digital currencies, such as BitCoin, because it cannot be traced.
“The other thing that we run into is, they’re criminals, right,” Honomichl said. “So you’re trusting that, even when you pay them that they’re going to turn over this key so that you can actually get to your files.”
If attacked, Honomichl says businesses should contact local law enforcement right away. He says businesses, and really anyone online, can stay vigilant by not clicking on suspicious links and by changing passwords often.
“There’s a website that we use a lot that’s called ‘Have I Been Pwned’ and you type in your email address and it will tell you, you know, anytime that your email address has appeared in a website that’s been compromised,” Honomichl said. “So I think that gives, you know, people a chance to go through and think about their passwords and making sure that they’re changing them.”
In a statement yesterday, Bill Gassen, CEO and President of Sanford Health, said that at that time, there was no known patient, resident or employee personal or financial information that had been compromised.