Preventing and Responding to Million Dollar Phishing Attacks - Two Local Governments Hit 2 Weeks Apart
Recently, St. Johns County and Ft. Lauderdale were both victims of cyberattacks that each totaled over 1 million dollars. These attacks focused on fooling government employees into changing payment information for large construction projects, leading to cybercriminals being paid instead of legitimate vendors. These attacks are growing in frequency and threaten local government entities of all sizes.
Phishing and Business Email Compromise
These types of attacks are generally categorized as “Phishing Attacks”, and more specifically a “Business Email Compromise” attack. They gather all the initial information necessary to successfully launch a scam.
- A phishing attack is a type of cybercrime where the attacker sends an email or a text message that looks like it comes from a legitimate source, such as a bank, a government agency, or a company. The message tries to trick the recipient into clicking on a link, opening an attachment, or providing personal or financial information. The link or attachment may contain malware that can infect the recipient’s device or network, or the information may be used to steal the recipient’s identity or money.
- business email compromise (BEC) is a type of phishing attack that targets businesses that use wire transfers as a form of payment. The attacker impersonates a trusted person, such as a vendor, a client, or a senior executive, and sends an email to an employee who is responsible for making payments. The email requests an urgent or unusual wire transfer to an account controlled by the attacker. The employee may not notice any signs of fraud and may comply with the request, resulting in a significant financial loss for the business.
St. Johns County and Ft. Lauderdale Attacks – Over 1 Million Sent to Attacker
Unfortunately, local government is rapidly becoming the prime mark for modern cybercriminals to target with these attacks due to the size of the projects they undertake combined with underfunded security. In the case of St. Johns County, (St. Johns County loses over $1 million to hackers, investigation underway – Action News Jax) the business email compromise occurred over 3 months before it was discovered. The attackers impersonated a legitimate vendor, sent fake invoices, and tricked the city officials into transferring money to their accounts. There are severe and long-lasting consequences and challenges that arise when recovering from these attacks. Generally, there is a large public story and the affected entity must notify the affected parties, contact law enforcement agencies, and work to restore trust and security.
The same story played out a few weeks ago in Ft. Lauderdale. A vendor was impersonated and funds were sent to a criminal account. (City of Fort Lauderdale scammed out of $1.2 million during phishing attack - CBS Miami (cbsnews.com)) In the case of Ft. Lauderdale, the attacker had intimate knowledge of the project and provided detailed documentation in order to fool the city staff. Generally, this can indicate a business email compromise.
Cybersecurity awareness training, advanced email security tools, and proper policy enforcement would have been the primary counters for these attacks. If the users had followed additional confirmation measures such as calling a publicly available phone number to confirm changes, it’s likely the attack would have been discovered.
The Impact – Phishing Attacks and Business Email Compromise
Phishing attacks pose a grave and escalating threat to local governments. They result in substantial financial setbacks, harm to reputation, and can also lead to legal entanglements. In order to safeguard your organization against cybercriminals, proactive and responsive measures are imperative. Scarlett Cybersecurity is a GSA contract holder providing a spectrum of IT services, including cybersecurity. We are also recognized as part of the Highly Adaptive Cybersecurity Services (HACS) SINs, having received GSA's pre-approval for our cybersecurity proficiency.
Our tailored cybersecurity solutions prioritize your unique needs and budget constraints. Our services span high-value asset assessments, risk and vulnerability evaluations, cyber hunts, incident response, penetration testing, and more. Additionally, we offer support for cybersecurity awareness and training, strategic planning, policy development, procedural frameworks, and compliance readiness. We boast extensive experience in collaborating with local governments of varying sizes, comprehending their distinct challenges and requisites.
Delaying action is not an option. Reach out to us now for a consultation on bolstering your organization's defense against phishing attacks. Visit our website at ScarlettCybersecurity.com or dial (904) 688-2211. Remember, phishing attacks can strike at any moment, affecting anyone, anywhere. Prepare and protect yourself with Scarlett Cybersecurity.