Meyer Tool, Inc., profile with Vern Childers

PROFILE

Company: Meyer Tool, Inc.

Business activities: Supplies precision components to the aerospace and gas turbine industries.

Employees: More than 1,500

Founded: 1951

Headquarters: Cincinnati, OH

Vern Childers, chief information officer of Meyer Tool, a Rolls-Royce supplier, spends a lot of time on cyber-resilience. "If it’s not the top thing we focus on, it’s second right behind performance and availability of all our systems."

Q: How has the cyberthreat changed over time?

V.C.: Ransomware attacks are becoming more and more sophisticated, based on artificial intelligence, including machine learning, and driven by organized crime. They’re targeting individuals versus, ‘Hey, we’re just going to throw this out at Meyer Tool as a whole.’ Now, it’s like a specific attack against our CEO, where the attack has been pre-designed with social engineering to attack the individual directly. They’re using social media to gain intelligence against the end user and then launching an attack.

Q: Have you suffered an attack?

V.C.: We successfully defeated a ransomware attack a couple of weeks ago. I’m going to be very generic, but what we saw was a very common attack against our accounting team, trying to have a wire transfer of funds sent. We identified it. We have some automated tools on the end users’ desktops. One is a phish alert. This criminal organization in a foreign country was really upset that we were able to stop the attack so soon that they launched a denial-of-service follow-up against us. We were able to take immediate action.

Q: Did they tip you off that it was a ransomware attempt?

V.C.: It was a fraudulent wire transfer. That’s a quicker payday than ransomware, with a higher success rate normally.

Q: Tell me about your defenses.

V.C.: The biggest piece is the education of the users. We do annual training and quarterly updates and newsletters. For higher-level users, specifically accounting, HR, the executive team, that’s almost one-to-one training. We run actual tests, like physical social engineering – sending someone claiming to be a help desk technician to get access to their badge area and try to get their password.

Q: You mean you have someone play a role to try to steal a password?

V.C.: They get a little bit upset with me, but it really raises awareness.

Q: How does the exercise work?

V.C.: Employees are kind of getting wise to this gambit, but I’ll ask a new hire, someone no one’s ever seen, to make a counterfeit badge, piggyback their way into the building, and try to get as many passwords as possible on the accounting floor, or an area I will point out. They’ll claim to be a help desk person or someone from public safety and try to gain access physically to a user’s computer.

Q: It shows the lengths you have to go to to protect the company, right?

V.C.: Absolutely. Now these users will directly call when they do not know the person trying to gain access to their computer, even remotely. I call back and say, ‘thank you.’ That’s exactly what we want to happen. Because they are the ones receiving these highly sophisticated, targeted attacks.