Cybersecurity and the Chamber of Commerce
All is relatively well here at Woesnotgone Meadow, where everyone has above average bandwidth.
Most towns of a certain size have some form of a Chamber of Commerce. Although the Meadow does not have a vast number of businesses, there are quite a few. Jerry is the president and keeps everything running smoothly. Our little municipality has not been targeted for an attack, thankfully. Other Chamber of Commerce departments have not been that lucky. The Ann Arbor/Ypsilanti Regional Chamber of Commerce is located in the southeastern section of the lower peninsula of Michigan. They manage all of the usual tasks a chamber of commerce would.
On January 8, 2019, their computer system was successfully attacked. The attackers used well-known Emotet malware. This iteration allowed the attackers access to customer names, mailing addresses, and emails. The attackers, fortunately, did not have access to banking information, accounts, credit cards, security codes, or passwords.
Emotet is a curious piece of malware. This is coded to especially evade detection, embed itself into the system and multiply. If the malware detects it is in a sandbox, it is coded to remain dormant. This is also polymorphic, meaning each time it is downloaded, the malware changes slightly, to evade a standard anti-virus signature. As this was designed so well, it is no wonder this is still in use over the last five years.
To remediate the issue, and get the Chamber back up and running, they had to start somewhere. The Chamber began researching what happened with this and on January 24, 2019 sent a notice to its members regarding the successful attack and compromise. In the least, this is an opportunity to learn from this and improve training for the staff. As a reminder, any training does not need to be bland, and not encourage the users to become bored.
Thanks for visiting Woesnotgone Meadow, where the encryption is strong, and the O/Ss are always using the latest version.
Afana, D. (2019, January 24). Malware hits ann arbor/ypsilanti chamber, member information safe, officials say. Retrieved from https://www.mlive.com/news/ann-arbor/2019/01/malware-hits-ann-arborypsilanti-chamber-member-information-safe-officials-say.html
Stockley, M. (2019, January 25). Fighting emotet: Lessons from the front line. Retrieved from https://nakedsecuriyt.sophos.com/2019/01/25/fighting-emotet-lessons-from-the-front-line/
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.