
Think you only need to be worried about the “bad guys” attacking your network from the internet?

Not. So. Fast!

It’s a Friday, and it has been a long week. You are in the middle of a new bid and your back-office staff has been going well above and beyond to make the deadlines. The bid is finished with only a few “tweaks” that your proposals staff will complete over the weekend. The bid will be submitted on Monday and your company is a shoo-in for the task order. Hard work pays off. You send the team home early. “Enjoy the long weekend” you shout as you step into the warm summer air. The forecast calls for beautiful weather and you’re happy to give the staff some extra time to enjoy it after all their hard work.

Your IT intern Alice waves to you on her way out the door. You make small talk and learn that she’s traveling over the weekend to see relatives in Mexico. She’s excited to have the afternoon off so that she can get packed. She was already wondering how she was going to fit everything into a tight timeframe.

Friday evening rolls around: a relaxing evening with your family.

Saturday is beautiful. It’s pool day. You’re enjoying time in the sun with friends and family. Burgers are cooking on the grill, the sun is shining, the music is playing, and everyone is happy. You’re up late playing cards with your friends and CRASH after a very long week.

Sunday morning. Birds are chirping and the late morning sun is shining through your bedroom window. For once, you slept in. You reach for the nightstand and grab your cellphone. 10:09 AM. 4 missed calls and 13 text messages from your system administrator, Mike. On Sunday? Words like “Urgent,” “Please Call,” “We have a problem.” Not good.

You call. Mike is a mess. He had connected to install some patches and discovered that all his files were inaccessible. While troubleshooting, he got a call from your finance analyst, who was also having problems accessing files. Upon further analysis… all directories on the file server were inaccessible. Your network has been hit with crypto ransomware. Everything is encrypted. In addition, a digital “ransom note” is being displayed on all the monitors in the office.

“Your files have been encrypted. Do not attempt to recover them. The only way to access your files is to pay us 5 bitcoins.”

How did this happen? You’ve heard of bitcoin, but what exactly is it? It’s a coin, that can’t be much, right? You search from your phone “Bitcoin Price today”. $29,597.10 PER COIN. $150k to get your files back? No way! Surely IT has backups they can restore from. Right? YOU NEED THOSE FILES. Finance, HR, Proposals, IT… they’re all inaccessible. And the bid. THE BID! It’s encrypted too. That was the biggest deal you have ever gone after, and it was almost a done deal. Who did this? How did they get into the network? You pay a firm to look at your outside security once a year!

Mike has bad news. The IT intern Alice went out of the country on vacation. While in Mexico, she discovered that she could not watch any television stations in English. Her kids wanted cartoons. Alice told her husband… “No problem! I have a solution!” She connected her company laptop to your virtual private network (VPN), launched the web browser and turned on cartoons for the kids. They were thrilled. Her oldest, a very smart 9-year-old named Charlie, decided to browse the web while Alice was getting ready for the day. He mistyped a web address and started seeing a flurry of error messages. Worried that he did something wrong, he turned the laptop off.

The damage was done. The website was an intentional clone of a legitimate site. The laptop was immediately infected by malware. This malware determined that it was connected to a corporate network and “spidered out” to see what resources were accessible. Alice was signed in with her system administrator credentials and had access to EVERYTHING. The malware hopped from server to server, and workstation to workstation, encrypting EVERYTHING.

This was no outsider attack. This was an insider attack. It came from a trusted resource who was unaware of it. It happens every day and it’s your biggest threat.

Can the IT team restore from backups? Maybe.

Will you get your data back? Maybe.

Will you be able to submit your largest bid ever on Monday? No way.

This could have been avoided. You need a comprehensive security plan. You need a risk assessment. You need to know where your threats are coming from and protect against them proactively.

PDQ IT Solutions has over 25 years in IT Security risk assessments and remediation. Contact us today to discuss your needs!


#ITSecurity #InsiderThreat #RiskAssessment
