In this case with FirstEnergy of Ohio in the last week, it is reported that they disabled 6 million user accounts and will have all their active users reactivate them with new passwords. As perpetrators tap into easy to login accounts that do not block repeated attempts before lockout, they eventually will get access using a computerized attack. SMEs commented on businesses that do not follow industry cybersecurity rules to login to what is supposed to be customer protected information. All businesses should be using Multifactor Authentication, device recognition and geo location analysis before granting any access. In many business systems including colleges and universities, they retain inactive accounts. And these accounts that are poorly protected have lots of information for the data thieves. Again, SMEs state that companies that retain PPI and PFI are big targets. FirstEnergy should be NERC cybersecurity compliant as a utility, but maybe the NERC CIP standard is not as robust as NIST or ISO’s user account CSF requirements. Therefore, to help in Ohio and in the US, business owners and Board Members need to examine their customer online portal website today. Do you have MFA? Do you recognize the user device? Do you check for geographical location? If you can repeatedly attempt account login without lockout, this needs to be fixed immediately. In essence, many businesses need to fix their customer portals like FirstEnergy this week.

Related article: FirstEnergy hack is cyber-thieves’ latest effort to swipe personal info – cleveland.com

ISO 31000 certified TechR2 will check your organization’s systems against either the NIST or ISO standard to discover your network vulnerabilities