From the Desk of Kaleb Jacob, Principal CIO

Just today, the ability to obtain a vehicle inspection sticker has been restored after weeks of “systems being down”.  Nearly 3 weeks ago, the vendor for the emissions testing equipment was hit with a malware attack that crippled their systems, rendering the system useless. The news on this attack has been eerily quiet, but the trickle down effect is significant. Many Inspection Mechanics were sent home unpaid (unless paid by benevolent employers) and showed a loss in personal income. People who took time off for the inspection have to take more time off again after the initial backlog of inspections are done. There is an impact on the end user, garage owner, software vendor and government. On top of that, there still isn’t any word if any personal data was leaked or whether there was a ransom demanded or paid. The standard line was given, which was that a forensic cybersecurity service was contracted to get to the bottom of it.

As an IT professional, I want to know how the malware was able to enter the company’s network and how it was able to install itself to cripple the systems and affect the ability for 7 states to test vehicle emissions. Like many malware attacks like this, partially because it is so common and partially because it is difficult to explain, we may never hear what really happened. I suspect that whatever happened in this case was preventable like any other breach, but it would be interesting to know what the company actually did employ for cybersecurity measures. Were they patching? Was their antivirus up to date? Was the firewall firmware and security subscription up to date?  Did they train their employees on basic cybersecurity awareness to help them identify suspicious emails, attachments or links?  Or, were things just running fine so there wasn’t a compelling reason to spend more on security?

If you are responsible for cybersecurity at your company, ask yourself the questions above and imagine you are the CEO of the company that was unable to transact business for the last 3 weeks. No one wants to answer no to any of these questions when production grinds to a halt and yet many small businesses ignore these basic necessities. Ignorance is negligence and liability. Think of what your press release will say. Will it be vague and not quite say that you didn’t follow best practices, or will it say that you took practical measures and regularly evaluated whether it was good enough as threats evolve over time?

If you want to know what’s under your hood, ask for a free report card if you are a current client. If you are not a client, ask us for a Network Assessment so you know where you stand.

https://www.thedrive.com/news/40099/cyber-attack-forces-vehicle-emissions-testing-company-to-halt-operations-in-8-states

As always, we are here if you need us.
Kaleb and the Eagle Team