Beware hackers now affecting older legacy server systems but no Pump Magic users have been affected.
Todd 02-13-2015

I know of two companies that have been hacked and held for ransom. If you are running older legacy software that means you are running old legacy hardware and it is very easy to exploit. Update your software and hardware. 

If you are running Pump Magic from Rapid Apps you are running the latest and most protected software on the market today.

This is the email I just got from the ACPA

Dear Members,

Cyber-attacks were at an all-time high in 2014 and according to Business Insider, the situation will only worsen this year as hackers use more advanced techniques to infiltrate networks. Below is an experience shared with you by one of our members that happened to them just this week. Hopefully, it may prevent this type of “ransomware” from happening to one of you.


Membership,

 

Recently our company experienced a cyber-attack into our IT infrastructure and I thought it would be wise to share with you all so that you can take preventative measures to prevent this from happening to you.

 

We are a centrally operated pumping company with multiple branch locations. Out of our central office we run multiple servers with different operating databases and shared drives. When the virus hit, it took down all of our locations even though it only happened at one office. We have yet to drill down on the exact point of entry but we believe that the virus was a link in an email. This is important to note because we do have a firewall protecting us from suspicious internet traffic but the virus slipped past inside the email. A single click on the infected link allowed the virus to embed in our network.

The first evidence of the hack was that our dispatching program completely shut down as the files that it operates from were corrupted. This was at about 2 pm on a Friday; at that point we had to restore the database from the previous evening’s backup. This was a critical step because we needed immediate access to the database to begin dispatching and scheduling again. The problem was that all input from Friday was lost for good, so we had to re-create the schedule by calling customers, sales staff and checking inbound phone recordings. Fortunately we were able to do this and not lose any scheduled work.

 

Fast forward to Monday morning and we came in to what seemed to be a normal day until we tried to open an Excel file that was stored on a shared network drive. The file could not be opened because it was now encrypted. When the virus entered the system it went through the network and encrypted many of our files and folders. The only way for us to retrieve the information was to decrypt the files. Following the link that was now attached to all encrypted files brought us to a website that demanded a 2.38 Bitcoin RANSOM for a key that would decrypt the files. Our work was being held ransom for what equated to $500.

Fortunately our company has the resources to pay that ransom, so we proceeded to try to figure out how to buy Bitcoins.  This is the hard part; Bitcoins are an unregulated international currency that is quite volatile and hard to actually obtain.  The reason the ransom was requested in Bitcoins is because they are basically untraceable.  Finding a broker and actually completing the transaction was the most tedious part of the process.

 

Finally, we were able to pay the ransom and the hackers did give us an encryption key once the transaction cleared and our files were restored.  There was no correspondence and no way for us to identify anything about the hackers or where they were located.  The entire transaction was completed through a web portal.  We have all of our data now and it is all backed up. 

 

The important lessons from this experience are:

  • First and foremost – back up all data. At least nightly, or better, back up at regular intervals throughout the day. Any IT service can set this up for you and there are many different options and price points for backup. If we didn’t back up the data we would not have been able to schedule, dispatch or invoice throughout the whole process – 6 days…
  • Once you are sure your data is being backed up then invest in a firewall to assist with network security. While the firewall did not detect this particular virus, they can and do stop many other phishing attempts from hackers. If a phish goes out and finds a weak security system on your network you could be at risk for an attack.
  • An important lesson is to also know what not to open. Most spam is common sense but many emails look safe. Talk to an IT provider to help you and your organization know what is safe.
  • Regularly clean out your digital library and keep your files organized; this will make it easier to assess what is important and what needs priority for security.
  • Keep your technology as current as your business allows. Older technology will be harder to back up, restore and ultimately replace. Not everyone needs to be cutting edge but try not to put off system and hardware upgrades for extended periods of time.

 

The idea that our IT network and the information that lives on it was held for ransom seems like a pretty far-fetched story, but it happened to us and at least 300 other people in our state. Be prepared: cyber-attacks are on the rise and your data could be at risk.

 

Safe Pumping!

 

Christi Collins

Executive Director

American Concrete Pumping Association

Ph 614.431.5618  Fax 614.431.6944

www.concretepumpers.com