Ask the Expert | Summer 2019

Cyberattacks on governments and companies can wreak havoc. Here are steps to help protect your organization.

In mid-August, over the span of just a few days, 22 Texas towns were struck by a coordinated ransomware attack. As a result, Texas Governor Greg Abbott ordered a Level 2 Escalated Response, meaning that the scope of the emergency had expanded beyond what could be handled by local responders.

Ransomware—malicious software that spreads across networks and shuts down computers until a ransom is paid—is typically spread through phishing emails or by someone unknowingly visiting an infected website. A spate of attacks in recent months has put cybersecurity in the spotlight, and it is vitally important for both government entities and businesses to understand the dangers presented by ransomware.

“This no longer affects just a few people,” Huntington’s Cybersecurity Outreach Director Don Boian says. “It affects everybody.”

Beyond the considerable financial impact an attack can have, the long-term disruption of business operations and the damage to reputation that can result from such an attack can be substantial. For example, the RobinHood ransomware attack in May cost the city of Baltimore an estimated $10 million in recovery and $8 million in lost revenue.

And if a critical service such as 911 dispatch is affected, lives could be endangered.

“Cyber criminals can wreak havoc with everyone else,” says Boian. “And in today’s fast-paced global economy where consumer demand for new services is so high, organizations can roll things out before thinking about the potential ramifications.”

To help protect your organization from similar attacks, here are a few things to consider:

Train Employees & Vendors

  • Require that all employees take at least annual training on cybersecurity to equip them with the knowledge to identify and quarantine phishing and malicious emails, avoid clicking on suspicious links or attachments, and use strong passwords that are changed periodically.
  • Review third-party connections and limit access to minimal essential functions. “Third-party risk is one of the toughest things, from a business perspective,” Boian says. “It is important that your outsourced service providers take security as seriously as your own company does. You have to be really selective about who you outsource to. Especially if you’re a school system or police department, make sure the people managing your data are trustworthy.”

Bolster Security

  • Keep all computer operating systems and applications up to date with relevant security patches.
  • Back up all critical systems and data and, just as important, periodically verify the integrity of the backup and restoration process. “If you’re just writing stuff off to removable media and sending it off somewhere, you really need to validate the technology,” Boian says. “If you haven’t validated it, by the time you have a problem, you might realize it doesn’t function properly.”
  • Ensure antivirus, malware protection, and email security software are in place, active and on current versions.
  • Provide a layered defense for critical systems and data. “For instance, payment processing should be buried behind several layers of defense,” says Boian. “And don’t read emails or browse the internet from the same system that contains those functions.”
  • Reduce or eliminate the use of vulnerable connection methods such as Server Message Block or Remote Desktop Protocol into your network. “WannaCry, a May 2017 worldwide cyberattack, spread because of a vulnerability in the Server Message Block protocol,” Boian says.

Be Proactive

  • Have cyber incident response plans in place, and don’t just put them on a shelf and forget about them; you need to periodically practice them. “How would you react to a malware outbreak on your network?” Boian says. “How would you isolate things? Who would you communicate with? What are the strategic vendors or forensic companies you would bring in? How would you communicate what happened with the public? The time of the crisis is not the time to be thinking about those things. Think about them now and document them.”
  • Have an independent audit performed on your networks annually to include attack surface mapping and penetration testing. “I’ve seen some companies that are defensive and say, ‘No, we’re good, we’ve got this,’” Boian says. “Any cybersecurity person who says that is essentially saying, ‘We’re impenetrable.’ It’s nice to have somebody who is impartial look at your networks and say they are OK or give you a list of items to work on.”
  • Consider purchasing cybersecurity insurance, but make sure you understand what the policy covers. “It’s like when you buy a home insurance policy and think you’re good, until you have water damage and find you didn’t have flood insurance,” he says. “It’s the same thing in the cybersecurity world. But there was a good example recently of a city in Florida, Riviera Beach, that understood what it was buying. When an attack occurred, it was covered and paid the $600,000 ransom out of its insurance policy.”

The rise in ransomware is part of an overall increase in destructive malware attacks worldwide. As a result, it is more important than ever to put into use practices that can help protect your organization.

And in the event of an attack, always involve law enforcement.

“I give Texas a lot of credit,” Boian says. “They mobilized as a state to help these government entities out. If you’re a member of something larger—a corporation with subsidiaries or a government—it is critical to have a plan in place in which everybody works together.”

Contact your Huntington relationship manager to discuss the cybersecurity best practices and Huntington products that can help you reduce your cybersecurity and fraud risks.

Protect your business

Huntington's Business Online banking platform offers multiple fraud mitigation resources to help you protect your accounts against both paper and electronic fraud.
