U.S. Department of Labor Issues Cybersecurity Guidance for ERISA-Covered Plans | Faegre Drinker Biddle & Reath LLP


There has been a rash of high-profile cyberattacks in the United States recently. Some of the more visible public attacks include SolarWinds, the Microsoft Exchange attack, Accellion, the Florida Water Treatment Plant and, more recently, the devastating cyberattacks against Colonial Pipeline. These attacks, while disruptive, also yielded high-dollar payments to the cyber-threat actors.

ERISA-covered plans hold just under $10 trillion in assets, and these plans are particularly enticing for cyber-threat actors. Although the Colonial Pipeline cyberattacks were executed by a coordinated hacking group, cyberattacks on ERISA-covered plans have historically been less complex. A typical scenario involves a retired employee’s ERISA account being accessed by an imposter, who then steals the account balance.

With the increasing frequency of cyberattacks, it seems probable that coordinated execution will find its way to the substantial assets held in ERISA-covered plans. Foreshadowing this scenario, on April 12, 2021, the U.S. Department of Labor (DOL) issued guidance on cybersecurity best practices to help mitigate the risk caused by cyber-threat actors on ERISA-covered…
