SPOT Cybersecurity Tip: You Can Pay Me Now, or Pay Me Later

Cybersecurity Tip from The Fulcrum Group
Click to read more SPOT Cybersecurity Tips on LinkedIn

“The choice is yours. You can pay me now or pay later”, says the grease covered auto mechanic in the classic 1970s Fram oil filter commercial. It’s an example of what economists say is a “false economy”. a small initial savings that costs you a lot more down the road.

The Mayor of Hamden, CT found out this lesson the hard way recently, when a cyber-attack compromised the town’s IT systems. According to the New Haven Register, the town Mayor requested $500,000 in IT restoration services as a result of the cyberattack. As you can see from the graphic above, the costs were for more than just IT services; they also included legal representation, forensics investigation, and other remediation services.

Lessons Learned

There are some really good take-aways from this cyberattack, and they apply to all organizations – local government, businesses, non-profits, educations systems, and more.

Lesson 1 – You MIGHT save money in the long-run by ignoring cybersecurity, but you might also face incredible costs that could cost you MUCH more than if you had taken cybersecurity seriously.

Lesson 2 – The costs related to recovering from a cyberattack are more than just recovering the affected IT systems. There are legal and media communication expenses and loss of reputation as well. These costs won’t put a local government out of business (the residents will pay the cost), but they could easily put a business out of business.

Lesson 3 – Pay attention to the critical cyber threats that are publicized by the FBI, CISA, and other federal agencies. In the case of the Town of Hamden, the attacker likely obtained access to their IT systems through a known vulnerability called LOG4J. The ability to mitigate this vulnerability has been around for months since it was discovered in January 2022.

If you aren’t sure that your organization is protected against cyber threats like LOG4J, reach out to us to schedule a time to chat about your cybersecurity needs.