Individual farmers and producers are becoming victims of credit card fraud, automatic clearing house (ACH) fraud, and wire fraud.
Although high profile hacking incidents dominate the news headlines, farmers, producers, and cooperatives are also being targeted. You might be thinking, “Wait, we’re an agribusiness organization. Who targets farmers and cooperatives?” Well it’s pretty simple. You have customer information that is valuable to hackers.
Understanding the threat
Before taking steps to protect your business, you must first understand the threats, which fall into three main categories:
- Online banking malware (corporate account take-over)
- Ransomware attacks
- Theft of personal financial information
Organized crime groups in Russia, Eastern Europe, and China have created a high demand for personal financial information. Hackers steal this information then sell it to criminals who use it to commit various forms of identity theft. Payroll databases, customer sales records, and accounts payable records are common targets for this type of attack. Smaller businesses are targeted because they often lack the sophisticated defenses that protect larger organizations.
Online banking malware
Malware code is often delivered via email, either by a file attached directly to the message, or more commonly, by use of a link to a rogue web page. In the latter case, the malware returns with the web page and installs itself on the victim’s computer. This type of attack has been dubbed “spear phishing” since often only one email is sent to the victim organization.
Once a network is infected, online banking credentials (user ID, password, challenge questions) are harvested by the attacker, who then logs into the online banking server and executes fraudulent wire or ACH transactions.
Spear phishing emails have improved significantly in their sophistication and effectiveness, and can be difficult for users to identify as fraudulent. They often use carefully crafted scripts to entice the user to click the link. In some cases, the emails are “spoofed;” that is, they are crafted to appear to come from someone inside the victim organization (e.g., the company president). In other cases, the emails are designed so they appear to come from a legitimate business or organization, such as UPS, American Express, PayPal, or the IRS. These tactics increase the likelihood that the recipient will act quickly, clicking on the link without much thought. Ransomware Ransomware is a malware that encrypts virtually all data and files that it can find, both on the local machine and on every network device that it can connect to. This renders the data unusable by the victim organization. Typically, the hacker demands payment in exchange for decrypting the affected data. Although smaller producers and farmers believe that they are safe from these types of attacks, in the last week, I had a client contact me after employees came into the office and found their computers locked up with the ransomware messages. They have three office employees.
Protect your business
Preventing attacks requires a multilayered approach. Organizations should consider these tactics:
- Keep current on technical defensive measures such as firewalls, intrusion detection systems, and spam filters.
- Keep up-to-date on the anti-virus software on all devices, and complete regular scans to keep them clean.
- Keep all network servers and PC workstations current with the latest security updates and patches.
- Limit the number of PCs used to conduct online cash management. If possible, isolate them from the rest of the company network.
- Encrypt sensitive data, such as intellectual property and personal financial information.
- Use bank security tools for online cash management.
- Make regular backups of key data and systems and store them in a secure, off-site location.
- Perform periodic vulnerability or penetration assessments to validate that controls believed to be in place are functioning as intended.
Training and relationships
In addition to the technical layer of defense, organizations should educate users to spot fake emails and to be wary of website links and file attachments. Also, be prepared for a breach so that you can respond coherently. This will involve the following steps:
- Develop an incident response plan so users know who to contact immediately if they suspect malicious activity on their computers.
- Read and thoroughly understand your agreements with your bank related to online activity.
- Identify the primary contact at your bank who will be your first call for help in the event of a breach.
- Establish a relationship with local law enforcement agencies that are familiar with online crimes.
How we can help
Even the smallest organization relies on technology. You can conduct business securely if you develop the right strategy and implement it. CLA can help you protect your organization by securing your information systems. No matter your size, you are vulnerable. View our webinar on payment fraud trends to help start protecting against online attacks.