ERAI Blog

ERAI Adds New Alert Type - Cybersecurity Risk Alerts

Anne-Liese Heinichen
ERAI, Inc.

For over 20 years, ERAI has been collecting, storing and disseminating data on potential risks in the material purchasing and selling process in the form of alerts distributed to our subscriber base. Along with reporting organizations that have supplied suspect counterfeit or nonconforming parts, ERAI also provides identity theft alerts on companies whose identities are being used without consent by imposters who seek to benefit from an organization’s hard-earned reputation. Many of these are in the form of unsolicited emails requesting pricing commonly for industrial test and measurement equipment, hard drives, CPUs, and/or printer toners and are generally from email addresses that are similar to the real organization’s URL.

In recent months, ERAI has noted an increase in these types of unsolicited emails that additionally contain malicious software attachments. Malicious software, or “malware”, can be used to steal personal and/or corporate information and commit fraud for financial and economic gains by individuals, corporations, criminals, terrorists or governments.

ERAI has added a new type of alert to the ERAI database to warn ERAI subscribers of this potential risk. The alerts will be posted in an organization’s profile under the title of “Cybersecurity Risk” and will also appear in the Recent Company Alerts section of the ERAI website. These alerts should not reflect negatively on an organization but should be shared throughout your organization as part of your company’s risk mitigation procedures.

An example of a “Cybersecurity Risk” alert recently issued by ERAI:

On November 9, 2018, an organization received an unsolicited email allegedly from Patti Powers of Diversified Printing Techniques asking that the attached purchase order be reviewed for accuracy and an acknowledgment be sent by return mail. The organization called Diversified Printing Techniques via their website contact information and learned that Ms. Powers had retired. All of the company information contained in the email is otherwise true and correct. The organization did not open the attachment but forwarded it to ERAI where the IT Department determined it contained malicious software.

A representative from Diversified Printing Techniques stated the company is aware of this activity, believes the email account was compromised and is instructing recipients not to open the attachment.

Recently, the US Government’s office of National Counterintelligence and Security Center (NCSC) released a report on “Foreign Economic Espionage in Cyberspace” detailing multiple instances of the use of malware to steal credentials and proprietary data, illegally breach systems and shut down operations. The report provides the latest unclassified information about attempts made by foreign entities to steal US trade secrets through cyberspace and how industrial espionage poses a significant threat to US security and competitive advantage. The report also focuses on how foreign intelligence services pose the most persistent threat, primarily from China, Russian and Iran. These entities are targeting not only US government systems, but are also greatly focused on private energy, biotechnology, defense, and IT companies. One victim included a U.S. defense contractor.

ERAI strongly recommends that any attachments received by unknown persons not be opened until they have been deemed to be safe by your organization’s IT personnel. All instances should be reported to ERAI at complaints@erai.com.