By Mark Radosevich
Up to a short time ago, I had a vague notion of malware and computer hacking, but the problem is much wider than expected and given the amount of customer data and cash that regularly passes through a petroleum wholesale business, unsuspecting oil marketers are increasingly being targeted.
In fact, some experts predict ransomware attacks may double by next year. In recent weeks, reports emerged of a variant of ransomware known as “WannaCry” began infecting Windows computers. Similar cases are occurring with marketers. In many WannaCry cases, If the user didn’t pay within three days, the amount was doubled. Another week and files were deleted.
HELD FOR RANSOM
The president of a Tennessee-based fuel marketer gave me his account of trying to log onto the company’s computer network on a recent Saturday morning and encountering a cryptic note with a skull and crossbones graphic notifying his company the files had been encrypted, rendering them unobtainable unless a ransom of $50,000 in Bitcoin was paid.
The hackers had basically shut down the marketer’s operation and encrypted all of their records—receivable, payables, customer lists, addresses and contact names.
To add insult to injury, he now had to figure out how to obtain Bitcoin, which is not a small feat for the uninitiated on a Saturday. In the end, the virtual currency was secured through various Bitcoin brokers, the ransom paid and the files recovered after several days of operating blind. This was followed by a comprehensive reassessment of internal controls and security processes.
Other marketers I’ve interviewed confirmed that they had been hacked and either refused to pay the ransom, and subsequently reconstructed their data or they refused to pay and suffered little harm due to their security and data backup protocols.
Ransomware attacks couldn’t be nearly as successful if it wasn’t for the existence of Bitcoin as traditional banking intermediaries are not involved. Payment is through a simple file transfer between two people or companies. Bitcoin transactions are documented on a virtual open ledger but names don’t have to be attached to the parties involved.
Some steps can include restricting the ability of people to add programs to computers, using antivirus program subscription software and backing up files every day, with the central database stored on a device that is isolated and not online.Prohibit employees from using company computers for personal things like, surfing the web, emails or opening emailed attachments.
Next, dedicate the resources to hire top notch IT specialists. Employ better employee security protocols using unique passphrases versus simple passwords, and be dedicated about making regular passphrase or password system changes. Remember the parting words of the Tennessee marketer I previously referenced: “When you think you’ve done enough, think again because you can never have enough protection.”
TIP OF THE SPEAR
Given the real and growing danger of the ransomware problem, I propose that cybercrime prevention be formally adopted as a third area of primary emphasis on the state level and nationally through organizations such as the Petroleum Marketers Association of America (PMAA).
This can include creating a stable of approved IT consultants to conduct training seminars and individual site assessments at association member businesses to highlight potential security weaknesses. Rather than keeping incidences of hacking a dark and embarrassing secret, I propose bringing the problem into the light by the formation of a new association committee entitled “IT Security.”
This committee will be tasked with facilitating training, coordinating IT vendor participation and as an official platform to share successes and potential threats encountered by member companies. If promoted properly, this new committee should also provide state associations with a new and valuable benefit to motivate non-member companies to join and become involved.
Possessing more than 35 years of downstream petroleum experience, Mark Radosevich is president of PetroActive Real Estate Services LLC, offering confidential mergers & acquisition representation and financing services exclusively to petroleum wholesalers. He can be reached by email at [email protected] or at (423) 442-1327. His full professional bio can be found at www.petroactive.net.