Hackers Force Firm Offsides In Ransomware Attack Reminiscent Of Blackbaud
Published: November 15, 2020 on our newsletter Security Fraud News & Alerts Newsletter.
ArbiterSports, which holds data of around 540,000 referees, league officials, and school representatives, has admitted it was a victim of a ransomware attack. This attack is conspicuously reminiscent to the Blackbaud attacks that were made public in the summer, where hundreds of thousands of peoples’ data was retrieved on stolen backup file.
The sports company is the official software provider for the National Collegiate Athletic Association (NCAA) in the United States. Like the Blackbaud incident, the organization detected and blocked the attempt to encrypt the files, the hackers still managed to gain access and acquire a copy of backup files. The files contained sensitive information about members including usernames, passwords, email addresses, and social security numbers.
And again, in return for paying a ransom, the hackers claimed they would delete the stolen files. ArbiterSports confirmed they paid the ransom and received assurances from the hackers that the files had been deleted. Is this a trend? Is it the same actor or group of actors doing the crime? Is it a copycat? How do these organizations really know the data was deleted? We just don’t know right now.
Certainly, backing up data is important as part of any strong cyber security plan. However, it’s even better to keep these cyber scoundrels out of the network in the first place. Start by keeping backed up data off the production network and out of internet reach. If they can’t get to the backups, they can’t retrieve the data and hold it for ransom.
Any good sports team has backup players at the ready. And beyond that, there are other very important steps to take in a solid cyber security plan:
Be sure to install perimeter security devices such as spam filters, anti-virus software, and intrusion prevention/detection products. Keep these updated with the latest versions and patches.
Monitor the network continuously. Review the logs, watch the activity moving around in it. If there is anything that looks the least bit suspicious, call foul and address it right away. If you’re unsure, ask for assistance from others to get to the bottom of it. Don’t just throw in the towel.
Create and use a strong cyber security awareness training playbook. It doesn’t have to be elaborate and doesn’t require a resort retreat or even a person to physically be on site. There are service providers that provide programs users can complete from their home offices, whether that’s an RV on the beach or a cabin in the mountains. If there is internet access, they can complete the training.
And whatever you do, don’t pay ransoms. They just continue to encourage more bad behavior.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at email@example.com