GIRARD — An insurance representative for a company that provides cybercrime insurance to the Crawford County government gave a presentation at the March 26 county commission meeting highlighting that in the time since the county first purchased its cyber insurance policy last year, it has already had an incident that was covered by the policy.
“It was a phishing incident,” said Chris Bohrer of Wood-Dulohery Insurance, Inc., “where they had gotten in and gotten ahold of some information and locked up some different things.”
The Federal Trade Commission’s consumer information website describes phishing as “when a scammer uses fraudulent emails or texts, or copycat websites to get you to share valuable personal information – such as account numbers, Social Security numbers, or your login IDs and passwords,” that scammers then use to steal a victim’s money or identity.
Bohrer said County Counselor Jim Emerson and the county’s information technology employees handled the incident properly.
“The problem that you have though is you’re fighting the entire world,” he said, when it comes to cybercrime.
“It used to be they just pulled, you know, (County Commissioner) Jeremy Johnson’s information and they try to sell it on the dark web,” Bohrer said. “Well now they get in there and they watch what you’re doing, and they kind of try to find out some kind of trend. And what they did was they saw this invoice going back and forth and getting paid out, and the next thing you know, they made a dummy company, so they could make a dummy email, so they could send a dummy invoice, and the only thing that was different on the invoice was the routing number and the account number.”
Bohrer added that “the problem is the guy’s in Kazakhstan.”
Bohrer said protecting against cyber threats requires ongoing training for employees and updating of technology, saying he had even heard of “networks that were secure, but the copier wasn’t secure, and so they were able to get into the wireless copier to get into the network, and that’s the other reason why this has turned into such a big issue with the insurance side of it.”
Problems with the security of so-called “Internet of Things” devices that are designed to connect to the internet or to one another wirelessly have become widespread in recent years. Many high-profile hacking and identity theft incidents have occurred due to criminals taking advantage of such devices having been designed with connectivity as the highest priority and security as an afterthought at best if it has even been considered at all.
“As time goes on you’re going to see more and more of this,” Commissioner Tom Moody said. The county commission voted in approval of renewing its cybercrime insurance contract with Wood-Dulohery Insurance at the March 26 meeting.