Police are investigating suspicious activity within a Norwalk High School bank account.
Norwalk Police Lt. Terry Blake confirmed Tuesday that Norwalk Public Schools contacted the department April 24 complaining of fraudulent bank activity. Blake said that the detective bureau is investigating but that, given the nature of the investigation, no further information would be released.
An email apparently sent on behalf of the Norwalk High School athletic director from an Arbiter Sports email address was received by some school employees on Monday, advising that a bank account had been hacked and that “multiple counterfeit checks have been printed and cashed.” According to the email, the school was ordered by Central Office to close the account at its current bank and open a new one at a new bank. During that process, payments to certain employees could be affected.
More information is expected soon – in the meantime, it is worth mentioning that Connecticut is the fifth riskiest state in the nation in terms of cybersecurity after Mississippi, Louisiana, California, and Alaska. States that rank after CT are Texas, New York, Missouri, Utah and Florida.
Some of the things that affected the ranking are keeping social media accounts private, reusing passwords across multiple accounts and relying on free antivirus software.
Late last year, a hacker was arrested for stealing almost $600,000 from Connecticut school employees in Glastonbury and Groton, and this past January, Norwalk recovered $515,000 after a hack going back many years. The city discovered in November 2016 that an $849,741.59 payment made to a vendor using the Automated Clearing House (ACH) system had not been received. The city stopped a second payment and alerted the Norwalk Police Department, the FBI and Webster Bank, which Norwalk uses for some of its banking services.
In addition, the Derby Police were hit with ransomware last year and we were called on by local news stations for our opinion.
Although we don’t have a full picture of what happened in Norwalk High, every company should be doing the following items to stay cybersecure:
- Phishing simulation, such as Phish360: the idea is to send fake phishing emails and train users who click.
- Cybersecurity training must be done regularly.
- Auditing and documentation must be performed regularly to ensure systems are secure.
- Anomaly detection should be running constantly to detect threats as they emerge.
- Penetration testing shows if systems can easily be reached from the outside. Here is a case where this test might have saved two companies’ reputations from being destroyed.
- Network forensics for when a breach eventually occurs. The bad guys always seem to get in eventually.
Protect your organization – even if you have internal IT, hire an experienced MSP or MSSP.
If you do get infected, be sure to hire an MSP with forensic experience who can handle the problem and get you back up and running as soon as possible.