Example Company Alpha: A Cyber Incidents Case Study

Posted November 19, 2019

In IT Solutions, Managed IT Services, Managed Network Services, Managed Service Provider, Managed Services

Small- and medium-sized businesses are increasingly becoming the preferred target of cyber incidents. Just last year, a whopping 67% of SMBs dealt with cyber attacks, while another 58% were victims of a data breach.

At face value, this trend seems counterproductive. Large companies have more money, more data, and more workforce to exploit.

But with that comes cybersecurity resources, like high-tech monitoring systems and multi-layered access protocol, that make infiltrating a large business network much more difficult. Despite their best efforts, many cyber criminals have neither the know-how or the equipment to conduct such a complicated crime.

On the other hand, SMBs make tempting targets because they have access to private customer information, credit card numbers, and potential access to larger business partners through network connections, but without the security measures in place to protect themselves.

CYBER INCIDENTS HAVE MAJOR IMPACT

The statistics related to small businesses and the cyber incidents that affect them are staggering.

While the majority of small businesses are concerned about their vitality and privacy following an incident, only 14% rate their ability to mitigate an attack as “highly effective.”

The numbers only get worse from there:

43% of all cyber attacks specifically target small businesses
60% of small companies go out of business within 6 months of a cyber attack
52% data breaches occur due to human error and system failure. The other 48% is the result of malicious intent.

EXAMPLE COMPANY ALPHA

Example Company Alpha is located in the Midwest United States. It deals in medical supply sales to hospitals and clinics in the surrounding area.

The current number of employees stands at 75. Of those, the 5 people who work for the IT department are the only ones who receive annual training in cybercrime. What they learn at these trainings is not shared with other employees, simply because time is not put aside for internal password, MFA, and malware training.

THE CYBER INCIDENT

At 6:00 am, all employees received an email from an account with a familiar company domain. The email came from john.clower@companyalpha.com, the usual address that tech information was sent through. It stated that updates needed to be installed before devices were used for the day. As salespeople, receptionists, and management logged in and checked their emails, they downloaded the attachment and installed.

What they failed to notice was a pretty common trick for phishing and ransomware scammers: Using a similar and familiar email address to fool victims into following their instructions. The actual tech supervisor’s email address was john.dower@companyalpha.com. In their haste to prepare their devices for the day, more than 30 people downloaded a ransomware program onto their devices.

TOO LITTLE, TOO LATE

By 9:00 AM, several computers were getting strange popups stating that all files on the device had been encrypted, and that the only way to regain access to them was by purchasing a decryption key through a website. Meanwhile, the ransomware continued its journey through the network, effectively shutting down every unsecured device logged into the WLAN.

Confidential customer data, employee email addresses, and personal information was skimmed and saved, to be sold on the dark web. It was a network blackout of massive proportions, and one that could only be solved by paying the creators of the ransom the sum of money they demanded.

All employees were asked to log off and avoid accessing company data until further notice– Without the network, critical functions, including sales documents, access to printers, and customer orders, were completely inaccessible.

PAYING THE PIPER

After a week of failed attempts to remove the ransomware, it was decided that it would be more cost-effective to pay. As of now, the company had lost a week’s worth of sales, employees were unable to work, and many customers were questioning the reputation of a once-trusted supplier.

Example Company Alpha paid the $75,000 ransom, nearly draining company coffers. It took another 48 hours to receive the decryption keys.

By the end of the incident, the company was out more than $100,000 in damages, compensation, and hiring a team to revamp the network security.

AN OUNCE OF PREVENTION IS WORTH A POUND OF CURE

The story of Example Company Alpha is fictional, but the situation and severity is very real. Without multilayered, adaptive security systems, a single misclicked attachment or unnoticed phishing email could bring a business to a grinding halt.

At Verus, we understand how important keeping data safe is. For business in highly regulated industries, such as financial services, education, and healthcare, Verus has years of experience designing networks that meet the most exacting data security compliance requirements. Verus designs, implements and supports networks that meet the highest standards for data, firewall and connectivity security.

An investment in your network today means avoiding the financial consequences of cyber incidents tomorrow.

Kevin Willette

Kevin Willette is Partner / CEO of Verus Corp. His focus is ensuring complete customer satisfaction and providing as much or as little support as is needed for the individual client. Kevin knows that plenty of places do IT services, but what sets Verus Corp apart is the local feeling and the commitment to doing things right the first time. He has always wanted to be a business owner because it affords him the opportunity to offer a service that was better than anything clients had seen before. His true goal is to help customers make their businesses better by removing potential IT barriers. Kevin served as chair for Habitat for Humanity during his time at Minnesota State University, Mankato. He has also served on the WatchGuard Advisory Council since 2016. Kevin’s work with Verus Corp has helped them achieve awards as the WatchGuard Partner of the Year and Cisco Select Partner. Kevin graduated from Minnesota State in 2000 with a major in Business Marketing and minors in Business Administration and Music.