February 6, 2018 is a day that Cathy Crawford, President of Davis-Bacon Pension Plans will never forget; it is the day that her data was hacked. When she arrived at work, the thieves had broken in through her VPN service and all of her files were scrambled. She was greeted with a ransom note that said that if you pay us $5,000, we will reinstate your files.
Cathy’s response was, “You are out of your mind.”
As a leader of the company, Cathy was defiant in the face of bullies. This was her natural instinct and one that most of us would identify with. At this stage of the story, paying $5,000 to hackers seemed immoral and ridiculous.
Following confirmation from her IT team that the hack was legitimate, the next few days would bring many challenges. The first step was to assess how to recover her back-up files through her software providers. This highlighted which companies she would be forever indebted to and which she would be firing at the soonest possible chance. Some were completely understanding and responsive while others were callous and incompetent.
The next challenge was to communicate to her clients that there would be delays during a very important time of year. A similar scenario occurred; some were empathetic and supportive whereas others were rude and demanding. As someone who built a business on white glove service to her clients, this was perhaps the greatest fear realized. Cathy felt that she had let her clients down.
The third element was the challenge that all small businesses can identify with; when your employees can’t get any work done but payroll continues – how long can your business survive? Through perseverance, hard work, and fear management, Cathy and the team at Davis-Bacon managed to restore their systems and files. In her best estimations, Cathy believes that she spent $10,000 dollars on service fees recovering files and lost four weeks of work from her employees.
When asked if Cathy would immediately say no to the ransom if it ever happened again, her response was, “No; I still don’t think that I would pay the ransom but I may consider my options fully before I make a decision. I can tell you that this was a clear and present danger that caused us to give extensive thought into our processes and software. Companies like PensionPro help me sleep a little easier these days.”