4 Real Life Examples of Cyber Attacks

November 19, 2021

The key to winning at chess is not only to keep your King protected while your other pieces move forward. You must also out-think your competitor’s strategy to avoid or quickly recover from an attack. In chess, it’s not a matter of if you’ll need to go on the defensive, but when. Similarly, for your business, it’s not a matter of if you’ll fall prey to a cyber attack, but a question of when. How will you defend yourself?

Organizations of all sizes are threatened by cyber attacks every day. In 2018, enterprises saw a 12% rise in ransomware attacks, with the number of attacks accelerating every year. Compound that with the increase in cloud security challenges and a 78% uptick in attacks exploiting third-party services.

In recognition of Cybersecurity Awareness Month, we interviewed James Moon, CEO and owner of Techmedics, to learn about some real-life cybersecurity threats facing businesses and what you can do to protect your business from being another breach statistic. As part of the Techmedics Virtual CTO offering, he acts as Virtual Chief Technology Officer and Director of IT to several organizations across the nation.

From Nuisance to Disruption

When a system goes down, it’s standard procedure to respond quickly and bring the system back online as fast as possible. The problem is solved, and everything goes back to normal.

However, there’s an extra layer of pressure when it comes to a cybersecurity breach. For every attempt to solve the problem, there may be somebody on the other end countering your moves. You don’t know what they know, how prepared they are, their overall skill set or their objective. It’s a high-stakes chess game of responding quickly and countering each move they make with your own strategy.

The more prepared you are, the better opportunity you have to come out unscathed. Because when a breach happens, if you don’t have a protection strategy in place, it could be checkmate for your business.

James shares four examples of real-life cyber-attacks he has run up against, and his suggestions to help you avoid these kinds of attacks.

#1 – Leaving the door open

Being targeted by an outside attack is scary. Having someone on the inside cutting corners that could leave you wide open to attack can be just as bad. While onboarding a newly contracted client, we discovered that their remote desktop services (RDS) were open to the public, leaving their server compromised and vulnerable to even a basic hack.

The compromise wasn’t done maliciously, but out of laziness. The previous administrator wanted a convenient way to remote into the network in order to do his admin duties. Instead of using VPN and logging into RDS each time, he left the system open. The problem was easily fixed by our team, who updated the core configuration capabilities on the RDS server, thereby closing the door.

It’s an all-too-common occurrence when a vulnerability is exposed due to in-house IT staff. Whether you have a team of technicians or one administrator, it’s in your best interest to investigate and close the gaps in your network. This can be done by performing routine assessments.

#2 – You get what you pay for

Free deals, especially when it comes to security software, are incredibly limited in their protection capabilities. This is the unfortunate situation of a client who invested their security posture in free software and got exactly what they paid for.

The client was hit with a virus that acted as a DHCP server, propagating on the network by directing computers needing an IP address to grab it from the nearest infected system. Once a computer got an address from the infected system, it would be redirected to a website outside the network that contained malicious content. There, it would initiate a download of even more viruses and malware payloads, thereby accelerating the spread on the network.

It took our team three days to figure out and contain all the viruses which had spread throughout the network. Fortunately, ransomware didn’t exist at the time, but it still cost the client to undergo this thorough clean-up job.

This is a reminder that the paid version not only gives you a more robust security package, it also comes with support from the security partner. It was that support that enabled our team to isolate and quarantine all the viruses on the network. We also recommend using multiple layers of protection, in addition to different technologies, to counter any cybersecurity breach.
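A rogue DHCP server like the one in this incident can be spotted from its own replies, because every DHCP OFFER and ACK carries the sending server's address in option 54. The following is an added example, not code from Techmedics or the original article: it parses DHCP replies and flags any server that is not on an allowlist. The sample packets, the addresses and the `AUTHORIZED` allowlist are constructed, and reporting the DNS servers a reply hands out is an assumption about how the redirect could have been delivered, which the article does not state.

```python
import ipaddress
import struct

MAGIC = bytes([0x63, 0x82, 0x53, 0x63])  # DHCP magic cookie after the 236-byte BOOTP header
SERVER_MSGS = {2: "OFFER", 5: "ACK"}     # option 53 values that only servers send
AUTHORIZED = {"10.0.0.2"}                # assumed allowlist: the site's real DHCP server

def ip4(raw):
    return str(ipaddress.IPv4Address(raw))

def build_reply(msg_type, server, dns):
    """Constructed sample input: a minimal BOOTREPLY with options 53, 54 and 6."""
    header = struct.pack("!BBBB", 2, 1, 6, 0) + bytes(232)
    opts = bytes([53, 1, msg_type, 54, 4]) + ipaddress.IPv4Address(server).packed
    opts += bytes([6, 4]) + ipaddress.IPv4Address(dns).packed + bytes([255])
    return header + MAGIC + opts

def parse_options(pkt):
    """Return {code: value} for the DHCP options, or None if the packet is malformed."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        return None
    opts, i = {}, 240
    while i < len(pkt):
        code = pkt[i]
        if code == 255:                  # end option
            return opts
        if code == 0:                    # pad option: one byte, no length field
            i += 1
            continue
        if i + 1 >= len(pkt):
            return None
        length = pkt[i + 1]
        value = pkt[i + 2:i + 2 + length]
        if len(value) != length:         # option runs past the end of the packet
            return None
        opts[code] = value
        i += 2 + length
    return None                          # no end option: treat as malformed

def find_rogue_servers(packets, authorized=AUTHORIZED):
    """List (message, server, dns_servers) for replies from servers not on the allowlist."""
    findings = []
    for pkt in packets:
        opts = parse_options(pkt)
        if not opts or pkt[0] != 2:      # only server replies (op = BOOTREPLY)
            continue
        mtype, sid, dns = opts.get(53, b""), opts.get(54, b""), opts.get(6, b"")
        if len(mtype) != 1 or mtype[0] not in SERVER_MSGS or len(sid) != 4:
            continue
        if ip4(sid) not in authorized:
            servers = [ip4(dns[j:j + 4]) for j in range(0, len(dns) - 3, 4)]
            findings.append((SERVER_MSGS[mtype[0]], ip4(sid), servers))
    return findings

SAMPLE = [build_reply(2, "10.0.0.2", "10.0.0.2"),        # legitimate offer
          build_reply(2, "10.0.0.57", "203.0.113.66"),   # offer from an infected host
          build_reply(5, "10.0.0.57", "203.0.113.66")]   # lease confirmed by the same host
```

On managed switches, DHCP snooping enforces the same allowlist at the port level, so replies from untrusted ports never reach clients.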

#3 – Gone Spear Phishing

Hackers often use a company’s vulnerabilities to set up sophisticated phishing scams, known as spear phishing. They convince unsuspecting employees to give up valuable information and even large sums of money before the employees realize something isn’t right.

This is the story of a client who was targeted for this kind of attack and how extensive the damage can be. One of the users in the accounting department received a phishing email that seemed legitimate. The person clicked on a link which downloaded a file onto their computer, enabling the attackers to watch the employee’s inbox and develop a profile for the company. Once they developed their profile and had a good understanding of who signed the checks, they went to work, requesting money to be wired to a foreign bank.

Fortunately, while the money was being prepared to be wired, we were able to discern what was going on and stop the transfer from happening. However, the hackers were able to breach several of the company’s clients, who were also compromised. Attacks like this don’t stop at one victim; the attackers catalog as many victims as they can, working down the client chain.

#4 – The weakest link

One layer of protection, and sometimes the easiest to penetrate, is employee behaviors. In another email incident, a small business was left exposed, and it cost them.

Acting as the owner, hackers were able to send an email displaying the owner’s name, but from a generic mailbox, asking for a six-figure amount to be wired to a bank in China. It wasn’t uncommon for the owner to make such a request, so the employee set up the transfer without verifying with the owner.

They found out within 48 hours that the request was fraudulent, but it was too late and the money was gone. In incidents like this, no amount of technical solutions can remedy the situation. This is about a breakdown in business processes. We recommend training your team on how to deal with these kinds of requests. From there, we can do penetration testing to ensure that employees are adhering to these processes.
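Alongside the verification process described above, mail filtering can hold for review any message that shows a protected person's display name on an address that is not theirs, which is the pattern in this incident. The following is an added example, not code from Techmedics or the original article; the `PROTECTED` directory, the names and the addresses are all constructed.

```python
import unicodedata
from email.errors import HeaderParseError
from email.header import decode_header, make_header
from email.utils import parseaddr

# Constructed directory: people whose name an attacker is likely to borrow,
# mapped to the only addresses they really send from.
PROTECTED = {"Pat Owner": {"pat.owner@corp.example"}}

def name_tokens(name):
    """Case-, order- and punctuation-insensitive tokens of a display name."""
    text = unicodedata.normalize("NFKC", name).casefold()
    return set("".join(c if c.isalnum() else " " for c in text).split())

def display_name(raw):
    """Decode RFC 2047 encoded words so an encoded name cannot slip past the match."""
    try:
        return str(make_header(decode_header(raw)))
    except (HeaderParseError, UnicodeError, LookupError):
        return raw

def check_from(from_header, protected=PROTECTED):
    """Return 'ok', 'impersonation' or 'no-match' for one From header value."""
    raw_name, addr = parseaddr(from_header)
    tokens = name_tokens(display_name(raw_name))
    for person, addresses in protected.items():
        # Subset match also catches decorated names such as "Pat Owner (mobile)".
        if name_tokens(person) <= tokens:
            return "ok" if addr.lower() in addresses else "impersonation"
    return "no-match"

# Constructed From headers for the four cases the check has to handle.
SAMPLE = [
    "Pat Owner <pat.owner@corp.example>",               # the real owner
    "Pat Owner <office.mailbox@freemail.example>",      # name on a generic mailbox
    '"OWNER, Pat" <x1@freemail.example>',               # reordered, different case
    "=?UTF-8?B?UGF0IE93bmVy?= <x1@freemail.example>",   # base64-encoded display name
    "Sam Clerk <sam.clerk@corp.example>",               # unrelated sender
]

def triage(headers=SAMPLE):
    """Verdict for each header, in order."""
    return [check_from(h) for h in headers]
```

A check like this only looks at the From header, so it complements sender authentication and the out-of-band confirmation of payment requests rather than replacing them.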

Convinced that you need to take a closer look at your security solution and protocols? Here are some recommendations to strengthen your security posture.

Strengthen Your Security Posture  

Being proactive in your defenses is key to ensuring you don’t end up a victim — losing time, money, and possibly your business. Because whether you can see it or not, you’re “under attack”.

Here are four products that James recommends to enable you to strengthen your company’s security posture:

  1. Next Generation Firewall - Putting a secured gateway to the internet in front of your business helps keep intruders out, and next generation firewalls take that one step further with advanced features and capabilities.
  2. Endpoint Protection - Detect and stop malicious payloads from propagating on your network using malware and antivirus protection.
  3. Expanded Antispam Protection - Supplement your Microsoft 365 antispam protection with a third-party email solution that can eliminate phishing, ransomware and impersonation attacks.
  4. Stopping Attacks Before They Start - This is where a comprehensive solution, like Cisco Umbrella, comes in, providing a secured internet gateway which acts at the DNS level to protect you from any cybersecurity threats that might try to get on your network.

“These are all absolutely necessary and that is why we include it in our Cybersecurity Essentials platform,” said James. “We also have a team that’s knowledgeable on how to use those tools and how to implement them. If there are any type of security vulnerabilities that we notice, we alert you and increase our security stance to mitigate the breach.”

The cybersecurity solutions you choose depend on your business needs and what you’re trying to protect. Security can get much more granular and it’s recommended to have a partner, like Techmedics, help you determine what solutions are relevant for your environment.

Getting Proactive  

“Most of our clients signed up with us after a breach,” explains James. “This is like putting in security cameras and alarms after your business has been burglarized.”

Instead, protecting yourself proactively can keep you from wishing you had.

Are you looking for help developing your cybersecurity strategy? Contact us today to get the right solutions in place.
