6 Lessons Learned From a Ransomware Attack

Most of us have received at least a few (more likely dozens of) suspicious emails or text messages urging us to log onto a website or respond to help someone in need. Some are obviously scams, containing misspellings or a suspicious email address, but others are not so easy to detect.

With hackers and cybercriminals becoming more sophisticated by the day, organizations must be prepared for some kind of a cyberattack, write Tim Worke and Mike Schechter of Associated General Contractors (AGC) of Minnesota.


In their article “Held for Ransom: How One Organization Responded to a Cyberattack” in the May issue of Benefits Magazine, Worke and Schechter provide an account of a ransomware attack experienced by their organization and offer lessons learned from the experience. Worke is the chief executive officer of AGC Minnesota, and Schechter is general counsel and director of labor relations.

1. Preparation

Organizations should have a cybersecurity plan. The plan should include steps to protect data, the purchase of cyberinsurance and procedures to follow after an attack occurs.

2. Responding to an Attack

Organizations have a number of options in responding to an attack. They can contact law enforcement or hire a computer expert to figure out how to decrypt the data. In the case of a ransomware attack, they can elect to pay the ransom, but it can be expensive and they still may be subjected to more demands or another attack. In its case, AGC decided not to pay the ransom demand and instead rebuilt its system.


3. Rebuilding

AGC beefed up security in rebuilding its system. New security measures include dual authentication for all system logins and an “air-gap backup” in addition to its cloud-based backup. The air-gap backup uses a hard drive to periodically back up all documents on the server. The hard drive is then disconnected so that hackers can’t access it remotely. The fund also bought cyberliability insurance, which it did not have previously.
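One step an air-gap backup procedure like the one described above should include, shown here as an added illustration and not as AGC’s own tooling: write a SHA-256 manifest alongside each snapshot so that, before the disconnected copy is trusted for a rebuild, it can be checked for files that were altered, deleted or added since the drive was last connected. Directory names and file contents below are constructed for the demonstration.

```python
import hashlib
import json
import shutil
import tempfile
from pathlib import Path

MANIFEST = "MANIFEST.sha256.json"  # name chosen for this example


def sha256_of(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(source: Path, backup_root: Path) -> Path:
    """Copy every file under source onto the backup drive and record a digest of each copy."""
    dest = backup_root / "snapshot"
    shutil.copytree(source, dest)
    manifest = {str(p.relative_to(dest)): sha256_of(p) for p in dest.rglob("*") if p.is_file()}
    (dest / MANIFEST).write_text(json.dumps(manifest, indent=2, sort_keys=True))
    return dest


def verify(snapshot_dir: Path) -> dict:
    """Recompute digests and report what changed, vanished or appeared since the snapshot."""
    manifest = json.loads((snapshot_dir / MANIFEST).read_text())
    current = {str(p.relative_to(snapshot_dir)): sha256_of(p)
               for p in snapshot_dir.rglob("*") if p.is_file() and p.name != MANIFEST}
    return {
        "modified": sorted(k for k in manifest if k in current and current[k] != manifest[k]),
        "missing": sorted(k for k in manifest if k not in current),
        "unexpected": sorted(k for k in current if k not in manifest),
    }


def demo() -> tuple:
    """Constructed run: snapshot two files, verify clean, then re-verify after the copy is tampered with."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "server_docs"
        src.mkdir()
        (src / "contracts.txt").write_text("constructed sample document\n")
        (src / "payroll.csv").write_text("name,amount\nsample,1\n")
        drive = Path(tmp) / "airgap_drive"
        drive.mkdir()
        snap = snapshot(src, drive)
        clean = verify(snap)
        # Simulate a copy that was altered while the drive was still connected
        (snap / "contracts.txt").write_bytes(b"\x00not the original bytes\x00")
        (snap / "payroll.csv").unlink()
        (snap / "README_RESTORE.txt").write_text("constructed unexpected file")
        tampered = verify(snap)
    return clean, tampered
```

A clean verify returns three empty lists; anything else means the offline copy should not be used for a rebuild until the discrepancy is explained.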

4. Notifications

Organizations should check federal and state law to learn what notifications they are required to provide following a data breach. Although no sensitive information was compromised in the AGC breach, Worke and Schechter said they had an ethical duty to inform friends and colleagues whose names and email addresses might be used in phishing attempts.

5. Damage Recovery

AGC’s damages were covered by its commercial general liability insurance policy. It may be possible to pursue compensation for damages from an IT provider. Pursuing damages from an employee is generally not an option unless the employee purposefully compromised the system or there is a specific state law that allows the organization to recover damages from an employee.

6. Training

Organizations should train employees on their cyberplans and policies. They should alert them of new scams and even test them by sending fake emails and documenting their responses.

Nearly every organization should expect an attack to occur, even those that don’t have what they consider to be valuable data, Worke and Schechter caution. Ultimately, “. . . your level of preparation and response will help transform the attack from a fatal to a recoverable wound.”

Learn More: International Foundation members can read the full article
“Held for Ransom: How One Organization Responded to a Cyberattack” in the May issue of Benefits Magazine.

[Related Reading: Four Common Cyber-Risks Facing Your Benefit Plans]

Kathy Bergstrom, CEBS
Senior Editor, Publications, at the International Foundation

