Financial Crime World

Digital Payment Security Threats Rock US Virgin Islands Government Offices

Two government offices in the United States Virgin Islands have fallen victim to cyberattacks, resulting in significant financial and operational disruptions.

VIPD Ransomware Attack

  • The US Virgin Islands Police Department (VIPD) was hit by a ransomware attack that compromised its network and servers.
  • The attack encrypted internal affairs records and citizen complaints, disrupting public services for several weeks.
  • Despite being unable to access its systems, the department reported that no sensitive information was stolen.

WAPA Business Email Compromise Incident

  • The Water and Power Authority (WAPA) lost $2.3 million due to a business email compromise (BEC) incident in May and June 2018.
  • Hackers sent fake invoices from a supposed vendor, and WAPA wired the money to an offshore account.
  • Since then, WAPA has implemented cybersecurity training for employees to identify phishing emails.

Growing Trend of Ransomware Attacks

  • As of May 2019, there have been 22 reported ransomware attacks against public sector entities in the US this year.
  • Florida cities Riviera and Lake City have also paid steep ransoms to cybercriminals, with amounts totaling $600,000 and $500,000 in bitcoins.

Best Practices for Preventing Ransomware Attacks

  • Follow the 3-2-1 rule for backing up important files.
  • Train employees to spot email threats and limit access to administration tools and files.
  • Practice network segmentation and data categorization.
  • Implement high-fidelity machine learning, behavior monitoring, and application control.

Trend Micro’s Smart Protection Suites

  • Delivers high-fidelity machine learning, behavior monitoring, and application control to minimize the impact of ransomware attacks.
  • Detects and blocks ransomware on networks with its Deep Discovery Inspector.
  • Stops ransomware from reaching enterprise servers with its Deep Security solution.
  • Provides virtual patching capabilities to protect endpoints from threats that exploit unpatched vulnerabilities.

Importance of Phishing Awareness

  • Phishing attacks have become more sophisticated, making it crucial to identify them through awareness and proper training.
  • Employ security solutions that combine traditional defenses with advanced technologies such as artificial intelligence and machine learning.

Trend Micro’s Cloud App Security Solution

  • Analyzes sender, content, and URL reputation to detect suspicious emails.
  • Provides sandbox malware analysis and document exploit detection to further protect users.
  • Helps tighten defenses against a broad range of cyberthreats brought about by phishing schemes.