CITGO Hostage Data: Ransomware and Protecting Your Digital Information

As cyber attacks are on the rise, it is important that all CITGO employees ensure that they are using good password habits and multi-step verifications to protect the company data, recommends Michael Corgiat, a representative of The Retirement Group, a division of Wealth Enhancement Group.

It is therefore important that CITGO employees take conscious measures to prevent their personal and company data from being compromised by ransomware attacks by being aware of phishing scams and ensuring that their systems are up to date, stresses Brent Wolf, a representative of The Retirement Group, a division of Wealth Enhancement Group.

Here are three brief main topics for your article:

1. The Colonial Pipeline attack and other recent ransomware attacks on critical infrastructure.

2. How ransomware works, and the rising risk to people and businesses.

3. Some practical ways to secure electronic information, with a focus on good passwords and other safety tips.

Have you noticed that gas prices in your area are through the roof? Colonial Pipeline, which carries almost 50% of East Coast crude oil from Texas to New Jersey halted operations on May 7, 2021, after a ransomware attack. The pipeline was restarted in one week after Colonial paid the $4.4 million ransom, after the group behind the attack notified the company of the breach.

Although there was enough gas in storage to stabilize demand, panic buying led to shortages on the East Coast of the United States and pushed the national average gas price above $3.00 per gallon for the first time since 2014 although there was enough gas to meet demand.[1]. Ransomware has been around for some time, but the Colonial Pipeline attack highlighted the risk to critical infrastructure and triggered a strong federal response. Interestingly enough, the DOJ was able to recover most of the ransom, and DarkSide, the group behind the attack, announced that it would be halting its operations.[2.]

More Articles Like This One:

The Department of Homeland Security has issued new rules that require critical pipeline owners and operators to report cybersecurity incidents within 12 hours and review their cybersecurity posture and submit the results within 30 days.[3] As we have seen the incident has underscored the need for government efforts to improve the nation’s cybersecurity and to form an international partnership to hold nations that shelter cybercriminals accountable.[4.]

Malicious Code:

As a CITGO company, it is important that you understand the basics of cyber attacks in order to protect your assets from threats. Ransomware is a type of malicious code (malware) that compromises the victim’s computer system and the attacker uses the compromised system to encrypt files for which a ransom is demanded in exchange for the decryption key. Some of the attackers may also threaten to leak the company’s data. Globally, an estimated 305 million ransomware attacks were recorded in the year 2020 as compared to a 62% increase from the previous year, 2019. More than 200 million were reported in the United States.[5] Cybercriminal gangs have shifted their attention from targeting ‘data-intensive’ organizations such as retailers, insurers, and financial services to targeting businesses and other entities that are critical to the public health. JBS USA Holdings, a company that handles one-fifth of the U.S. livestock production, paid $11 million ransom, one week after the Colonial Pipeline attack.[6] As a result of relatively low spending on cybersecurity, healthcare systems are also a prime target, putting patient care at risk.[7] State and local governments, schools, and private companies of all sizes are also frequently attacked.[8]

As cyber attackers have chosen CITGO employees as their target audience, it is crucial to enhance cybersecurity at your workplace and residential networks to avoid risks. Typically, ransomware groups, which are mainly from Russia and other countries in the Eastern region, set their ransoms based on the level of the victim company’s funds. Large operations may end in negotiation between the middle men and the victims or the cyber insurance companies. Although the FBI doesn’t recommend paying the ransom, key organizations and entities might not be able to afford to rebuild their IT systems and the cost of doing so may well be higher than the ransom demanded.[9]

Protecting Your Data:

Do you know that ransomware attacks are increasingly targeting seniors? According to the FBI, older people are especially vulnerable to ransomware scams because they are not very familiar with the cyber security measures and tend to open any email or make any call from an unknown number. Scammers especially target retirees, taking advantage of their fear of losing important information or their access to certain accounts. It is crucial for people in their 60s, including those working for CITGO or retiring, to know the dangers and how to protect their electronic information. Major ransomware groups tend to target more profitable targets, but many cybercriminals attack individual consumers and demand ransom to lock their data, access their financial accounts, and sell their personal data.

If you work for CITGO and you think that you or your company is at risk of being targeted by ransomware, the following will assist you in protecting your data.[10] Use good passwords and keep them safe. The Colonial Pipeline attack occurred through a leaked password of an old account that had remote server access,[11] which is why, as an employee of CITGO and a potential target, your first line of defence is a good password. Use between 8 and 12 characters, including a mix of case, numbers, and special characters. Passwords that are longer and more complex are better than those that are short and simple. Avoid using personal information and words that can be found in the dictionary.

One way to do this is to use a password that can be transformed and remembered. For instance, Jack and Jill going up the hill to get a pail of water can be written as J&jwuth!!2faPow. It is more advisable to have different passwords for different accounts than to reuse a good password. You should use a password manager that generates random passwords that can be remembered using a strong master password. Do not share or write down your passwords. No simple solutions. When creating security questions that can be used to recover a password, be careful. Given that there is a lot of actual information that can be found online, it might be beneficial for employees of CITGO to use fictitious answers that they can remember. If a criminal can guess your answer from the information that he or she got from the internet (for example, from your online profile), then he or she will be able to change your password and gain access to your account. Take two measures. Even if a thief gets your password, two-factor authentication, which is usually a text or email code sent to your phone, provides an extra protection.

Consider before clicking. As an employee of CITGO using work systems, it is necessary to know that the most common way of transmitting ransomware and other malicious code to the affected computer is through a ‘phishing’ email that would require the recipient to open a link. There is no need to click on a link in an email or text message unless you know who sent it and where it is leading to. Install anti-virus software. Get and keep anti-virus software, a firewall, and an email filter. Old antivirus software does not provide protection against the latest infections. Backup your data. Back up to an external hard drive at regular intervals. The drive should be disconnected from the network during the intervals to enhance security. Maintain system updates. Use the latest operating system that is compatible with your computer and install security updates.

Most of the ransomware attacks are based on operating system and application vulnerabilities. If you get a message on your personal or company computer that you are infected with a virus or that your data is being demanded as a ransom, it is more likely a fake pop-up than an actual attack. These pop-ups are usually followed by a phone number for so-called technical support or to make a payment. As an employee of CITGO, it is crucial that you do not make a call and do not click on the window and any links to avoid compromising the system. Try to close your browser and shut down your computer. More information and other tips can be found at the Cybersecurity & Infrastructure Security Agency website at us-cert.cisa.gov/ncas/tips.

Conclusion:

Featured Video

Articles you may find interesting:

Think of your digital information as a valuable property, like a family heirloom. This is why it is crucial to protect your data from ransomware as you do with your valuable items. Ransomware can be regarded as a clever burglar who steals your digital family heirloom and demands a ransom for it. By using strong passwords, having anti-virus software and being careful of phishing, you are in a way locking the digital safe. Another way of protecting your data is to make sure that you are backing up your data. This is because just as you would keep a copy of your heirloom in a different place, you do not want to leave your precious assets unattended. Hence, it is crucial to be proactive in protecting your digital assets so that you do not lose control over them.

Sources:

1. Morgan Stanley.  Cybersecurity for Seniors: A Guide for Loved Ones . 2021.  morganstanley.com .

2. National Council on Aging.  Improving Personal Cybersecurity: 5 Tips for Seniors . 2021.  ncoa.org .

3. Texas Department of Information Resources.  Cybersecurity Tips for Retirees and Retirement-age Individuals . 2024.  dir.texas.gov .

4. Wyoming Enterprise Technology Services.  Seniors Online Safety Tips . 2021.  ets.wyo.gov .

5. Florida Senior Consulting.  Cybersecurity Guide for Seniors: A 2025 Update . 2025.  floridaseniorconsulting.com .