Brian Grayek: ‘Companies are playing Russian roulette with Ransomware, gambling they’re not going to get hit’
The cybersecurity expert, who has consulted for the FBI and US secret services, says it is only a matter of time before cyberattacks attempt to detonate lithium batteries: ‘This is how crazy it’s getting’
Todd Davis, the CEO of LifeLock, had his identity stolen at least 13 times after he posted his Social Security number on several billboards in 2010. His goal was to demonstrate how secure his company was, whose promise was precisely to protect users from identity theft. This is the example Brian Grayek, a cybersecurity expert with more than 40 years of experience, uses to explain why he never gives out his age and place of birth - not even in interviews.
“If I have four pieces of information about you, I can make myself you,” says Grayek, who is director of information and cybersecurity for accounting and business advisory firm REDW and has been part of security incident investigation teams involving both the FBI and the secret services. The four pieces of information he is referring to are your name, date and place of birth and place of residence. He takes his wallet out of his pocket and produces his credit card: “If I steal your credit card, I can only use it a few times before you call the bank and ask them to cut it off. But your driver’s license, your Social Security number: you can’t change those. Once they’ve got them, they’ve got them.” With these two documents, a name and address, says Grayek, identity thieves “can apply for a credit card, a bank loan, a house loan.”
The number of cyberattacks is on the rise, as Grayek highlights during an interview at the CyberFit Summit 2022, an event in Miami to which EL PAÍS was invited by cybersecurity company Acronis. “How many doors do you see in this hallway?” he asks, pointing to a corridor with about 20 of them. “Which one would you say goes to Spain, the United States, Brazil or France? Hackers don’t care about that. They don’t go looking for a door that says Brazil or Spain. They’re just looking for an open door. Hackers don’t care where you are. You’re just a number,” he says. With the Covid-19 pandemic and the rise of remote working, “there are more open doors, everyone is working from home. I don’t know if we are becoming more blind to how things can happen or if they are getting more advanced ways of getting our information.”
A ransomware attack every 11 seconds
Ransomware is the number one threat facing organizations today, according to Acronis. Ransomware is a malicious computer program that blocks access to files hosted on a server until a ransom payment is made. Cybercriminals use this type of attack to extort money from companies, governments and organizations. Grayek, who has spoken at security events around the world, including at the White House, says it is the “number one” cybersecurity issue in the world today.
A ransomware attack occurs every 11 seconds, according to Acronis. In May 2021, one of the largest oil pipelines in the United States suspended its operations after being targeted. In Spain, victims have included the Spanish National Research Council and the Moisès Broggi Hospital in Barcelona. Is it advisable to meet the demands of the cyberattackers? “That’s complicated,” Grayek answers. The expert says that it depends where you are and whether you have a backup copy of your files. In the United States, he points out, “if I pay the hackers and they are connected to a terrorist organization, I can actually be sued and taken to jail.”
The risks of paying a ransom
“I’ve actually worked with the FBI a number of times on this and given presentations and they say the same thing: check with us first. They actually have a list of hackers and where they come from, who can be trusted, and who belongs to a terrorist [organization] and who does not,” says Grayek. When companies do decide to pay a ransom, things don’t always go according to plan: nearly 40% of victims who pay never get their data back and 73% are targeted again later, according to Acronis.
The easiest way to avoid these attacks is by having a backup. “They know that the number one way of getting hurt is ransomware, but how many companies are backing their stuff up properly? Very few,” says Grayek. He compares it to “Russian roulette, gambling that they’re not going to get hit. Would you put a gun to your head and say, ‘hmm, is there a bullet in there?’ That’s what companies are doing every day.”
While ransomware is the biggest threat to businesses, there are other types of attack that could have devastating consequences. “What do all of our smartphones have in common with computers? Lithium batteries,” Grayek points out, adding that when such batteries overheat, they can explode. In fact, the expert says he has witnessed demonstrations proving it is possible to achieve this via a cyberattack: “It’s going to happen sooner or later. This is how crazy it’s getting. It’s no longer: ‘I’m gonna hack into your computer and get your information.’ It’s: ‘I’m gonna hack in and blow up your company next.”
Sign up for our weekly newsletter to get more English-language news coverage from EL PAÍS USA Edition