Prepare Now or Pay (Much More) Later
Most businesses, including CSMFO members, rely heavily upon technology and, arguably, it’s one of your soundest business assets.
But what happens when your technology is compromised or leaves you vulnerable, such as in the case of your IT environment suddenly held hostage by a cybercriminal?
According to Recorded Future, since 2013 there have been 170 city, county and state governments that have been attacked using ransomware, a type of malicious software built to interrupt or shut down your business or government operations. That means it’s a good time to understand what you can do to prevent it.
Recent Cyber Fraud Example
California CSMFO Member (anonymous): A wire-out request of about $500,000 with the proper form, signatures, and supporting documents was electronically submitted through email to the Finance Department from a valid City email address and validated through two follow-up emails. The wire-out request came from a cybercriminal who had hacked into an employee email, camped out watching email traffic, and cloned a prior wire-out requisition and supporting documentation. The funds were wired out but then caught and questioned by the bank since the bank account name did not match the account name associated with the cybercriminal’s account number. All but about $2,000 was stopped the same day as the wire-out. To improve the internal controls, a callback verification was deployed.
Recent Ransomware Attacks
City of Baltimore: On May 7, the RobbinHood ransomware infection hit. An estimated $18 million has been reported as likely damages, with $10 million going toward the repair of the city’s systems, while $8 million is in forgone interest and penalties. Some services are still not restored, and others are using manual processes.
City of Atlanta: More than a year ago the city was brought to its knees as the result of a ransomware attack, when the cybercriminal demanded $51,000. Payment was not made and to date nearly $17 million has been spent repairing the damages. In addition, valuable police department dash cam video has been lost forever according to reports.

8 Steps to Security
Cyber fraud and ransomware attacks like these are happening more and more. However, all is not lost. There are eight steps you can take that will go a long way in securing your IT environment, rendering it more difficult for cybercriminals to access.
- Perform a security assessment of your IT environment. Do not rely upon “it hasn’t happened to me yet, so I doubt it will” reasoning. The risk is not worth it.
- Provide security awareness to anyone accessing your IT environment to prevent the No. 1 cause of cyber-attacks: phishing. Humans continue to be the weakest link. You need to go beyond training and make employees aware, so that it becomes part of the security culture.
- Back up your data daily. If you find yourself in the unfortunate position of being a ransomware victim, the best way to recover from the attack is to have secure and reliable backups ready to use when you are held hostage.
- Patch software immediately. When fixes are made available, don’t wait. Update your software so hackers can’t exploit a vulnerability.
- Limit the number of people who can install software. This is the IT version of “too many cooks spoil the broth.” You need to trust that your employees are doing the right thing when installing and updating software, and that they’re not relying upon free software, which is a notorious gateway for malware.
- Use a reputable antivirus software (AV). AV is a simple, yet powerful step that will lower your chances of being attacked by ransomware.
- Perform security monitoring of your network. You MUST be aware of what is happening in your network by performing 24x7x365 monitoring, which will help ensure you’re actively looking for the bad guys.
- Use two-factor authentication. Gone are the days of just a single password. Having two forms of authentication, such as a password and a biometric, to access your network will provide added assurance.
While nothing is foolproof, taking preventive measures helps maintain your brand, retain customers and prevent a cyber breach. At the end of the day you want the peace of mind that’s provided when you know you have done everything you can, even when it’s “just in case.”


Karl Kispert is managing director of MGO’s technology group. Collaborative Editor: CSMFO Technology Committee
Matt Pressey, CPA, is the Finance Director for the City of Salinas and has nearly three decades of experience in local government. While at Salinas, Matt has spearheaded important changes in the City’s utility users’ tax (UUT) and in enhancing city revenues from cannabis fees and taxes. Matt currently serves CSMFO as the Chair of the Technology Committee and has been a speaker at past conferences and a contributing author of CSMFO Magazine.
Matt has previously served the City of Pasadena, City of Costa Mesa, and the City of Lake Elsinore. Prior to coming to local government, Matt served local agencies by providing auditing, accounting and consulting services at Conrad and Associates (now MHM).