Cyberattack at Monticello

Cyberattack at Monticello

In June, Monticello, the home of Thomas Jefferson was the victim of a cyberattack.  It was actually a ransomware attack that knocked out the home’s electronic systems.

According to a source inside the Foundation, the IT department just reorganized. Even a new department head with an impressive background in cybersecurity couldn’t prevent a devastating attack.

The cyberattack shut down the online ticket sales, computer systems, credit card transactions and the phone system. Everything had to be processed manually. According to Symantec, the vulnerability, and the code that helped access it, is believed to have been stolen from the National Security Agency.  The code was stolen by hackers and then posted on the internet. Microsoft issued a patch for this vulnerability in March. Consequently, it appears that the users harmed by this had not kept their computers systems updated.

Because something as simple as opening an email is how viruses, malware or ransomware infect a computer system. But there are some proactive, preventative steps to take:

  • Documentation                                                                                                       You need to quickly be able to explain how your network fits together. Proper documentation along with passwords, and IP Address management will help diagnose problems.
  • Backups                                                                                                                      Backups are a business critical task. Don’t wait for people to make them, get a tool that will automatically take care of this task.
  • Employee Education                                                                                                   A new study reveals that companies believe malware and hacking are the top data security concerns.  Employee actions are the largest cause of security breaches.

Human error accounts for 52 percent of the root causes of security breaches, according to a study from CompTIA, the IT industry association.  Also, the study points out the top examples of human error:

  • 42 percent cited “end user failure to follow policies and procedures”
  • 42 percent cited “general carelessness”
  • 31 percent named “failure to get up to speed on new threats”
  • 29 percent named “lack of expertise with websites/applications”
  • 26 percent cited “IT staff failure to follow policies and procedures”

Notably, even though over half of the respondents name human error as the leading cause of security breaches, only 30 percent believe that  “human error among general staff” is a serious concern. Only 27 percent cited “human error among IT staff” as a serious concern.

As a result, experts often say employee training needs to address the way employees can create a “human firewall.” However, according to the study, only 54 percent of those surveyed said that their company offers some form of cybersecurity training.

Therefore, make sure that your staff understands and commits to security best practices.  At E-N Computers, we partner with KnowB4 to provide security awareness training for employees.

In summary, don’t let a situation like the one at Monticello, make your business .... history.