LESSONS LEARNED: Cyberattacks and cybersecurity for consulting foresters

LESSONS LEARNED: Cyberattacks and cybersecurity for consulting foresters
Raise your hand if you thought the forestry sector, including forestry consultants, would ever be the target of cyber-criminals. I know a few years ago I would have thought small fish like foresters wouldn’t be on the radar for cyberattacks and financial extortion attempts, but today I can name several forestry companies that have been a target, including F&W. In fact, recent studies indicate small businesses are increasingly the target of these attacks.

Late in 2020 our accounting department received an “Invoice” in the accounts payable email box. Like other companies, we receive many invoices from various company activities and the user may not recognize the email sender. Although it appeared valid, when the document was opened it released a trickbot that started an attack on the network. Even with up-to-date security software, the attack was sophisticated enough to quickly morph and spread through the system. The anti-virus even caught the initial malware, but at that point, it had already spread.

Thankfully we had cyber-insurance which allowed us to have immediate access to a company specializing in cyber-attack negotiations, forensics, and recovery. Even with the help of this specialist and a team of knowledgeable internal IT staff, many 100+ hour workweeks were spent on the recovery effort and restoring full functionality of IT services. Our dependance on emails and computers have never been clearer than during this time.

Through this difficult situation, we learned much on how cyber-attacks happen and what can be done to reduce the risk of another. Cyber-security must take a layered approach and balance risk with costs and user convenience. Every company must decide where that balance is for their own situation. With that stated, below are some recommendations that will help reduce your risk of attack.

Employee Training – whether you are a one-person shop or 100, training is extremely important. Learning the sign of phishing emails, social engineering, and safe computer use are the first step in preventing a cyber-attack. There are both free and paid options available that can educate users on what to look for.

Multi-Factor Authentication (MFA) – you have probably heard this and are likely using it in some capacity. Most major technology providers have MFA built into their products now and it is highly recommended you take advantage of it. This way, even if your credentials are stolen, you should notice someone is trying to access your account.

Backing up your data – We all know this is a good practice, but many let this slide. With client communications, financial records, and ongoing work products, losing data can be a critical hit to your business. Also keep in mind that cloud backups can be compromised if your credentials are stolen, so having a periodic offline backup is always a good idea.

Keep software and operating systems up to date – Regularly update your computer and software so security patches are installed. Cyber-attackers often utilize these security vulnerabilities to access your system, and updates are an easy way to lower this risk.

Take advantage of built-in security – Both Microsoft and Apple provide a suite of security measures built in. Take advantage and make sure items such as firewalls, anti-virus and controlled access folders are turned on and utilized.

Advanced anti-virus software – Consider looking at some of the newer advanced anti-virus software that uses artificial intelligence to detect threats. These offerings go beyond the traditional methods of being able to catch known viruses based on updated definitions; they can analyze files and look for potential irregularities that may be an indication of a problem.

Invest in cyber-insurance – Talk to your agent about cyber-insurance coverage. It was extremely helpful in a stressful situation to have someone assisting you through the recovery. They may also help pay for security upgrades and income loss. 

Employing the recommendations above will go a long way in protecting your business against cyber-attacks. You should also consider having a security consultant review your system and provide recommendations based on your actual situation. This will be money well spent to reduce the chance of going through what we did.