6 Lessons Learned From a Ransomware Attack

Most of us have received at least a few (more likely dozens of) suspicious emails or text messages urging us to log onto a website or respond to help someone in need. Some are obviously scams, containing misspellings or a suspicious email address, but others are not so easy to detect.

With hackers and cybercriminals becoming more sophisticated by the day, organizations must be prepared for some kind of cyberattack, write Tim Worke and Mike Schechter of Associated General Contractors (AGC) of Minnesota.

In their article “Held for Ransom: How One Organization Responded to a Cyberattack” in the May issue of Benefits Magazine, Worke and Schechter provide an account of a ransomware attack experienced by their organization and offer lessons learned from the experience. Worke is the chief executive officer of AGC Minnesota, and Schechter is general counsel and director of labor relations.

1. Preparation

Organizations should have a cybersecurity plan. The plan should include steps to protect data, the purchase of cyberinsurance and procedures to follow after an attack occurs.

2. Responding to an Attack

Organizations have a number of options in responding to an attack. They can contact law enforcement or hire a computer expert to figure out how to decrypt the data. In the case of a ransomware attack, they can elect to pay the ransom, but it can be expensive and they still may be subjected to more demands or another attack. In its case, AGC decided not to pay the ransom demand and instead rebuilt its system.

3. Rebuilding

AGC beefed up security in rebuilding its system. New security measures include dual authentication for all system logins and an “air-gap backup” in addition to its cloud-based backup. The air-gap backup uses a hard drive to periodically back up all documents on the server. The hard drive is then disconnected so that hackers can’t access it remotely. The fund also bought cyberliability insurance, which it did not have previously.

4. Notifications

Organizations should check federal and state law to learn what notifications they are required to provide following a data breach. Although no sensitive information was compromised in the AGC breach, Worke and Schechter said they had an ethical duty to inform friends and colleagues whose names and email addresses might be used in phishing attempts.

5. Damage Recovery

AGC’s damages were covered by its commercial general liability insurance policy. It may be possible to pursue compensation for damages from an IT provider. Pursuing damages from an employee is generally not an option unless the employee purposefully compromised the system or there is a specific state law that allows the organization to recover damages from an employee.

6. Training

Organizations should train employees on their cyberplans and policies. They should alert them to new scams and even test them by sending fake emails and documenting their responses.

Nearly every organization should expect an attack to occur, even those that don’t have what they consider to be valuable data, Worke and Schechter caution. Ultimately, “. . . your level of preparation and response will help transform the attack from a fatal to a recoverable wound.”

Learn More: International Foundation members can read the full article
“Held for Ransom: How One Organization Responded to a Cyberattack” in the May issue of Benefits Magazine.



Kathy Bergstrom, CEBS
Senior Editor, Publications, at the International Foundation
