During a four-week period, bad actors were able to embezzle approximately $500,000 from the Seventh-day Adventist Church. The attackers preyed on a church employee’s compromised Gmail password and initiated instructions for money transfers. They sent emails to treasury personnel at the General Conference headquarters, impersonating the employee and confirming transfer of funds. In order to complete the fraudulent transfers, they marked all communications as “read” and “deleted” to bypass the employee’s inbox.[i]
Every day, cyberattacks routinely paralyze computers and systems. Our Seventh-day Adventist organizations are not immune from these dreaded infections. Conference offices, individual churches, or one-room schools in rural areas—all can be targets. Cyberattacks do not discriminate based on the size of an organization or the individuals that work within it.[ii]
It is important to distinguish between two kinds of cyberattacks: ransom attacks and phishing. Ransomware is malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Phishing, on the other hand, is a social engineering technique used by cybercriminals to manipulate human psychology. In these types of attacks, the hacker sends emails, text messages, or links, posing as a legitimate body. If they succeed, they can lead organizations to reveal sensitive information.
With phishing, as in the opening story about embezzlement, much of the security depends on the precautions of individual employees. By targeting people with phishing attacks, attackers can bypass traditional security technologies with ransomware. Email is a weak point in the security infrastructure of many organizations, including Adventist organizations. Hackers can exploit these systems by using phishing emails to trick users into opening malicious files and attachments. By using Trojan horse viruses, hackers also target human error by causing people to download malicious files inadvertently.
Other attacks depend on insufficient antivirus and encryption measures. In 2020, one of our own Adventist organizations, a university, was affected by such an attack. The attack buried encryption malware in the Microsoft Windows infrastructure, infecting servers and any PC that was connected to those servers.[iii]
As organizations seek ways to outsmart attackers, cybercriminal gangs, like one called “Sabbath,” are modifying their techniques at increasing speeds. In 2021, Sabbath publicly shamed a U.S. school on a dark website after the school refused to pay a demanded ransom. “Instead of encrypting data and hoping for a big pay day, Sabbath simply steals data and extorts—a technique that is quite aggressive, yet lucrative,” according to Avertium, a leading cybersecurity firm. “Sabbath has made it a point to target critical infrastructure with their attacks with no clear signs of slowing down.”[iv]
In recent years, cybersecurity professionals have warned that ransomware attacks would continue to become more sophisticated and targeted. Their predictions were correct. Ransomware gang Sabbath is just one example.
What can you do to prevent or stop the spread of ransomware?
- Make sure you have backups on premise and/or in the cloud with a good retention policy.
- Use a VPN.
- Make sure that all systems and software are up to date with relevant patches.
- Use antivirus software, a firewall, and good security policies.
- Create complex passwords and change them regularly.
- Do not pay the ransom.
One of the major issues with security threats is a lack of awareness among users. Many people are unaware of what threats look like or what they should avoid downloading or opening on the internet or in emails. This lack of security awareness helps ransomware spread much more easily and quickly. By implementing the above steps, you can help to protect your Seventh-day Adventist organization as it pursues its mission.
[i] Lechleitner/Ann, E. (2014b, April 8). New details released in cyber attack that defrauded Adventist Church of half a million U.S. dollars. Adventist News Network. https://adventist.news/news/new-details-released-in-cyber-attack-that-defrauded-adventist-church-of-half-a-million-us-dollars
[iii] L. (2020, May 20). Andrews University Recovers From Malware Attack. Seventh-Day Adventist Church Inter-American Division. https://www.interamerica.org/2020/05/andrews-university-recovers-from-malware-attack/
[iv] An In-Depth Look at Ransomware Gang, Sabbath. (2022). Avertium. https://www.avertium.com/resources/threat-reports/in-depth-look-at-sabbath-ransomware-gang
Image Credits: Natalia Merzlyakova-stock.adobe.com