Helping a Business Crippled By Ransomware
Last month an international business, with its global operations managed from a site in Luton - Bedfordshire, was brought to its knees by a targeted ransomware attack. Faced with the price of doing nothing, our client was pleasantly surprised at, and encouraged by, the cost of PC Help Centre's expert intervention.
Cyber security is big news right now and will continue to be so as the deadline approaches for the compulsory implementation of GDPR measures. As data recovery specialists, PC Help Centre is active in the fight against cyber crime and is proud of its evolving relationship with Bedfordshire Police's Cyber Hub. But, as we all know, prevention is always better than cure. Please take a few moments to absorb the business impact and the heavy price paid as a result of this cyber attack on a local business as you consider the risks of not calling-in PC Help Centre for a Cyber Essentials Audit.
Cyber criminals targeted and brought down a total of 6 servers housed in the head office of a Luton-based business. The opportunity for the sophisticated and aggressive cyber attack was made possible by an insecure website form. Once hackers had mined their way into the first server, they installed malware to monitor unencrypted website login data for multiple users; the hackers then used this data to hack and take-down a further 5 servers.
Far from being a smash-and-grab affair, our digital forensic work revealed that the servers were breached 3 months before the cyber attack that crippled all business communication.
Ransomware is the name for a style of cyber attack where malicious software is embedded deeply into a computer operating system by a hacker to disable a computer and/or network. Once infected, the compromised computer/network can be disabled at will, the cyber criminal holds their target to ransom by demanding payment in exchange for a key that will unlock the hacked computer/network.
The trouble is that criminals aren't known for their honesty. Experience has shown that, far from making the problem go away, paying a ransom often makes things worse. In this case, the Chairman of the target business decided that a ransom would be paid and followed the hackers' instructions for purchasing a Bitcoin to pay the ransom demanded. True to their word, the hackers provided an unlocking key but it only unlocked one server. The cyber criminals had done their homework during the 3 months prior to the attack, by figuring-out which of the 6 servers was the least important and, therefore, which one would be the first to be unlocked. Further ransom demands were placed upon the business if the other 5 servers were ever to be unlocked.
As part of the cyber attack, the target's Exchange server had been compromised and was being used as a relay to email spam on behalf of the hackers. The server was flooded with a queue of over 47,000 emails, causing a blockage preventing the target from sending any email from any of their operations across the world.
Once the crippling price exacted by the hackers' ransomware had become apparent, the target's Director called Bedfordshire Police and was put through to the specialist Cyber Hub unit. The Cyber Hub's specialists made introductions to 3 cyber security businesses, of which, PC Help Centre was one. At introduction we addressed some initial reservations from the target about our size, our abilities and the significantly cheaper cyber security quote we provided by solving, within two hours, the primary problem on the target's Exchange server; one that they'd spent a week trying to fix in-house.
As a direct result of our rapid response, our affordable quotation was welcomed and our cyber security experts, affectionately dubbed Computer Surgeons, were able to secure the network, locate and remove the malware, audit the server logs and report upon the scale of the breach.
We've now commenced a programme of work with the business that has now fully recovered from its ordeal and is strengthening the IT network in preparation for GDPR.
Once a ransomware demand hits the display screens of your IT, you begin paying the heavy price for doing nothing. Don't pay any ransom demand; call Action Fraud and Bedfordshire Police's Cyber Hub. Once you've been targeted and your IT is crippled, you'll pay once to stop the hackers' breach; you'll pay again to recover and restore any lost data; you'll pay more as you lose business whilst you can't communicate and whilst we help you bring your IT back online as soon as possible; what's more, your data breach and loss of data will, under GDPR, risk a fine of up to 4% of worldwide annual revenue. Ahead of GDPR, the cost of a cyber crime audit by PC Help Centre is tiny by comparison.
Business Continuity and Resilience
IT is great until it goes wrong. When the IT hits the fan and our data recovery services are needed, the cost of data loss amounts to the time it takes you to get back to a stable operating state. A Cyber Essentials audit by PC Help Centre will help you plan for the worst, building resilience and planning for continuity into your day-to-day operations - whether that's on a local or a global basis.
Cyber Essentials is a new Government-backed and industry supported scheme to help businesses protect themselves against the common cyber threats seen online. Government analysis shows the majority of online threats could be prevented if businesses put basic security measures in place.
Cyber Essentials builds on this by clearly setting out the five key controls organisations should have in place to protect against common internet based threats.
Businesses can self-assess against the criteria, or seek independent verification from ourselves working with accredited parties and gain the Cyber Essentials badge, which enables your company to advertise the fact that it adheres to a Government endorsed standard.