May 23, 2019

May 23, 2019

Subscribe to Latest Legal News and Analysis

May 22, 2019

Subscribe to Latest Legal News and Analysis

May 21, 2019

Subscribe to Latest Legal News and Analysis

May 20, 2019

Subscribe to Latest Legal News and Analysis

Case Study on How Regional Manufacturing Firms Are Increasingly Targets of Cybercrime

As their methods evolve, cybercriminals are increasingly targeting regional manufacturing businesses with sophisticated and potentially costly attacks. A recent ransomware attack on a mid-sized manufacturer in the Southeast provides a striking real world example. 

The following information is provided with the consent of the company, though it will remain anonymous to discourage revenge attacks. 

On a Saturday night, the company’s servers slowly began shutting down. By Sunday morning, it became clear the IT system was under attack. After alerting the company’s cyber insurance company, a response team was mobilized and found ransomware in the client’s system. The intrusion was so sophisticated that it required significant forensic expertise to identify the embedded malware. The resulting investigation also showed that Russian cybercriminals had made an entry through an administrator’s computer that was left connected to the internet overnight. Additionally, the individual’s login password was weak. The attackers were able to crack it, giving them high-level access throughout the system. 

As the forensic cyber team worked to locate the intrusion, they learned the intruders had been trading bitcoin on the excess server capacity for several weeks prior to the attack. During the investigation, ransom notes were found throughout the system.  The attackers demanded more than a million dollars in untraceable internet Bitcoin or else all of the company’s data and software would be erased.

Fortunately, the company had done its homework. They had a separate backup system that had not been corrupted. However, they did lose a week’s worth of business and data. As is standard practice in this area, the forensic investigation was conducted under the auspices of outside legal counsel to safeguard the attorney client privilege in case of future litigation.

Cybercrime is a sophisticated global business with revenues estimated at $445 billion in 2015 alone. Historically, international cybercriminals have targeted large financial, tax and insurance businesses, stealing credit card and personal identity information, and selling it to street gangs and other criminals in the United States. The data fed a massive pool of relatively small-scale financial, tax and insurance fraud. 

But the pay-offs from this business model were often disappointing.  Middle men capture much of the profits.  Returns are waning as the victims of credit card and other cyber fraud are getting much better able to protect themselves. This is causing cybercriminals to turn to ransomware and other targeted computer fraud to extort large one-off payouts from individual data-dependent businesses. For this reason, small and medium sized manufacturing firms are increasingly the targets of cybercrime. 

Here are our Ten Tips for Protecting Your Company from Cyber-Criminals:

  1. Conduct and document a cyber security audit using a third-party provider. 
  2. Provide security awareness training for all employees that cover spearing phishing, credential fraud, wire transfer fraud, etc.
  3. Prepare and execute a risk-based cyber security plan that closes the most important gaps in security first.
  4. Identify in advance the professionals including outside legal professionals that will be asked to respond at once if a crisis occurs.
  5. Put a breach response plan in place and conduct a “test run” to identify potential gaps in preparation.
  6. Identify the statutory and regulatory requirements that apply to the data held by the company, including the state-by-state notifications that will be required in case of breach.
  7. Have a public relations plan devised in the event of a cyber breach if disclosure is required by law (or have a crisis management PR firm identified).
  8. Train the company’s leadership team and board to be able to execute the breach response plan quickly and confidently in a crisis.
  9. Obtain cyber insurance commensurate with the company’s needs and ability to pay, and after a careful review of its terms.
  10. Review the company’s contractual obligations to protect the data of others to ensure that they are reasonable in scope and damages. Review the company’s contracts with vendors to ensure that they protect the company’s data.

 

Copyright © 2019 Womble Bond Dickinson (US) LLP All Rights Reserved.

TRENDING LEGAL ANALYSIS


About this Author

Claire Rauscher, Attorney, White Collar Crime

Claire Rauscher brings more than 25 years of courtroom experience to Womble Carlyle’s White Collar Criminal Defense team. Claire focuses her practice on complex white collar litigation, and has represented clients in all phases of state and federal proceedings, including pre-indictment investigations, grand jury practice and criminal trials. 

704.331.4961
Benton Zeigler lawyer, Womble Carlyle Law Firm, Cybersecurity and Environmental law Attorney
Partner

Belton Zeigler brings more than 30 years of experience to his South Carolina-based cybersecurity and utility, environmental and energy practice. He has served as General Counsel to a major electric utility, and also served as Vice President for industrial customer relations, power marketing and strategic planning.

Belton has participated as a lead attorney in multiple general gas and electric rate cases and numerous smaller regulatory proceedings. He worked with the South Carolina General Assembly to draft the Base Load Review Act, the Distributed Energy Resources Act, and the Natural Gas Rate Stabilization Act. Zeigler has extensive experience in the state regulation of solar and nuclear power and has been instrumental in shaping South Carolina’s laws regulating those industries.

803-454-7720