A few months ago, my husband got a phone call from what appeared to be our cell phone carrier. Someone had tried to make a purchase and change our account information at a store in Miami, and the caller said we needed to reset the password to secure our account.
Instead of following the caller's instructions, my husband logged in to the online portal to change his password through the standard procedure. It didn't look like anything odd had happened, so he called our carrier. Sure enough, it was an elaborate phishing scam.
These types of phishing schemes are becoming not only more common but also more lucrative for attackers, according to a recent FBI report on internet crime. More than 26,000 people reported being a victim of some sort of phishing scam in 2018, with losses totaling more than $50 million, up $20 million from the prior year.
Many of these attempted attacks begin the way ours did, with an email address and other personal data that was exposed in a data breach. The scammers were after one or two more pieces of information, enough to give them digital control of our identities or install ransomware on our computer.
As agriculture becomes more reliant on the internet, cloud computing and big data, it's more crucial than ever that farms include cybersecurity threats in their risk-management planning.
Randy Romes, who heads up
cybersecurity efforts at CliftonLarsonAllen, explained in a recent webinar that many cybercrimes, ransomware attacks in particular, rely on a whole chain of events occurring in order to be successful.
"There are discreet steps in that chain that we could recognize, react and respond to stop it," he says. Here are a few of his suggestions.
> Educate employees on how to spot phishing attempts.
Phishing attempts get more sophisticated every day. Romes says it's important to inspect the "from" field on any email, since one common technique is to make it appear as if an email came from within the organization, usually the CEO or another leader.
It's especially important not to click on links or download attachments from suspect emails, but Romes says malware could also spread via infected hardware, such as a USB drive.
> Minimize permissions.
Who really needs to have access to the farm's field maps, accounting data and other highly sensitive business information? By minimizing who has access to important data, you limit the information's potential exposure to a data breach.
> Update security software.
There are security patches for some ransomware viruses, but your computer system has to be up to date for them to
> Have a disaster recovery plan,
and practice it.
Make sure all of your critical systems are being backed up, and Romes says it's important to practice a full system reset and data restoration.
For a more comprehensive look at how to protect yourself from a cyberattack, the full webinar can be found at www.claconnect.com/events/2019/prepare-now-for-a-ransomware-attack-10-14-19.
Read Katie's business blog at about.dtnpf.com/business.
Copyright 2019 DTN/The Progressive Farmer. All rights reserved.