Dave Hansen | June 22nd, 2018

Recently our team began a new relationship with a client who was experiencing major issues with their IT systems. Their systems had been down for a couple of days when we first got involved and they were struggling to operate their business with almost no access to their technology resources. They were in the midst of a ransomware attack and had an IT professional, whom they had partnered with for many years, feverishly working to try to recover their systems. Meanwhile, they were struggling to keep track of the work they would have to catch up on once their network was restored.

 

After a conversation with them about how we could help, they elected to have us come in to assist with the recovery effort. When a network becomes infected with ransomware a number of things need to happen to bring it back to full operating capacity. Ransomware is designed to infect a system by denying access to files on a computer. It does this by encrypting the files so they are rendered useless until a decryption code is applied or the files are restored from a back-up to a point in time before the attack began. Cyber-criminals use this form of malware to extort a ransom from their victims since the restoration process is often more painful and expensive than paying the ransom and receiving the decryption code. However, electing to pay the ransom leaves the victim in the difficult position of hoping that they are dealing with “upstanding criminals” and that they will receive what they need when they pay the ransom.

 

Fortunately, our technical team was able to remove the infection from their network and restore their systems to a point in time before the attack was launched. This process did take a few days in large part due to the systems in place and sub-standard technologies that were deployed on their network. During this process, our team performed a complete analysis of their network and discovered many technologies that were either designed for home use or simply outdated along with a network infrastructure that contained many glaring gaps in security. The combination of these problems had left their network vulnerable to this attack and led to the long recovery period that they experienced.

 

During a follow up meeting to discuss how this type of incident could be prevented in the future, it was stated that “we trusted our provider to advise us properly.” We encounter this situation frequently. A company has a long-standing relationship with a person or company they like and trust. As long as everything seems to be working in the day-to-day operation of their business, they never question whether they are truly protected. While we agree that is exactly how IT should function in business, it is critical that you take a “trust but verify” approach. You know what they say about assuming anything.

 

Our team welcomes this approach because we are responsible to the security and efficiency of our clients’ IT systems and critical business data. For example, we provide IT service to clients in the banking industry. These clients are highly regulated and must pass annual audits for network and data security. We welcome this process because it verifies for our team that the technologies that we employ for our clients and the measures we take to keep their business secure are indeed working. Additionally, IT security is a living thing with new threats and criminal strategies to combat emerging every day. These audits help us to remain on the leading edge of IT security strategies for our clients.

 

The moral of this story is to be aware that your business is a target for cyber-crime, no matter what industry in which you operate, regardless of the size of your business and even though you conduct business in our small corner of the world in Iowa. If you are connected to the internet, you are a potential target of criminals whose mission is to steal from you. Make sure your business is secure from threats even if you trust your IT staff or provider.

 

Contact me today to have a conversation about what you can do to verify that your business is protected. At ACES, we help our clients plan, protect and prosper using technology that is secure and efficient.

 

https://www.linkedin.com/pulse/trust-verify-dave-hansen/

Is your network secure? Find out with an
ACES Cyber-Security Assessment.

Let’s Get Started