Spooky Tales of Cyber Crime: Proof Cyber Attacks are Living Nightmares
Many people consider the month of October "spooky season" due to its most beloved holiday: Halloween. Did you know, however, that October is also National Cybersecurity Awareness Month? Some might call this a coincidence. We believe it to be perfect timing.
After all, cybersecurity is indeed about protecting your business from terrifying and ghoulish cyber crimes. There are plenty of real-world examples of these as well. Our own employees here at Centre Technologies have witnessed situations in which businesses endured horrific consequences (or barely avoided them) because of a lack of cyber security. After reading these tales of cybercrime, you'll want to keep an eye out because cyberattacks are real-life nightmares.
The Phantom Emailer
Some of the most chilling cyberattacks are the ones that don’t raise a hint of suspicion at all. One International Oil and Bulk Chemicals Shipping company got to experience this first-hand. Not only did it almost cost them $3 million in loss, but it all started with a single phone call from a particularly annoyed customer.
This customer had been receiving email notices for payment from an Accounting and Financial/procurement specialist at the company... at least, that’s what it looked like initially. These emails were getting increasingly aggressive in tone as they continued to demand payment. Finally, this customer had enough and decided to pick up the phone to call the company about the payment demands.
Now on the phone with the Accounting and Financial procurement specialist responsible for these emails, the two came to a shocking realization: none of the emails that the customer was referring to came from the Accounting and Financial procurement specialist.
REVEALING THE PHANTOM
Further investigation into the matter revealed that the emails being sent out were, in fact, evidence of an active phishing scam.
The mystery attackers on the other end of the screen phished the Accounting and Financial procurement specialist’s email account, using it to exfiltrate invoice records and gather information about transactions.
These attackers were not only actively gathering sensitive employee and customer information, but they were also emailing fraudulent notices for payment to hundreds of customers on many sites throughout the world.
Thanks to the annoyed customer, the company started implementing security controls into its IT infrastructure.
BEWARE OF THE PHANTOM EMAILER
To this day, this company takes extra precautions when it comes to what emails they open, what links they click, and what passwords they use.
If one doesn’t implement cyber security into their IT infrastructure, they too could be the next victim of the Phantom Emailer.
A GHOULISH FOURTH OF JULY
In this spooky tale, told by Thomas Flores, one company gets an awakening they never asked for and a little lesson on why it's important to not talk to strangers.
"Our story starts off on a bright sun-filled Friday afternoon before the Fourth of July not too long ago.
All of the employees at a well-known construction company supply store were excited about the upcoming holiday weekend. They were all discussing plans. Some were going to cook hotdogs and hamburgers with the family, others were traveling out of town.
Little did they know that their plans would not be as rosy as they were hoping for. What they didn’t know was that ghouls had been lingering in their IT environment - for weeks. These ghouls would soon request a ransom all because one user clicked on an email link.
But as you may have guessed it, it wasn’t just any link it was one with a magical incantation that called a script and to install a remote access toolkit. The user didn’t think anything of the couple of pop ups that happened on their computer and didn’t want to disturb the it guys because they were too busy."
A HOLIDAY WEEKEND TO NEVER FORGET
"Once the company closed up for the night, the ghouls invited their friends for a party at the company's expense. The attackers knew there would be little to no one working that weekend or checking for things going bump in the night. So they launched their evil plans.
Ransomware was deployed in the environment across 2k endpoints and across multiple domains impacting everyone. An entire company brought to its knees not by a Hostile corporate takeover, but by a lack of cyber hygiene.
Since it was a holiday weekend, alerts slipped through the cracks and proper procedures for containment were not followed. By the end of the weekend, business came to a halt. The ghouls requested a sacrifice of $10 million for the encryption keys to the servers and workstations and not release information that they had found within the environment. The damage was too much to recover without back ups so the ransom was paid."
WATCH OUT FOR THE RETURN OF THE GHOULS
"The company was undisturbed by the ghouls for the next several months, protecting the company against other evil doers but all good things must come to an end. When the ghouls came back and infected everything again, they demanded yet another ransom.
This goes to show you that your parents were right and that you should never trust strangers."
The voices of truth
When the IT guy asks to implement security measures that protect a business from ghostly cyber activity, the most common attitude is similar to the famous Ghostbusters lyric: "I ain't afraid of no ghost!".
For one Oil and Gas Company, a lack of cyber security ended up bringing them face to face with their worst nightmare.
It all started with an employee who could not access a file. This employee escalated the issue until it was discovered that the file had been encrypted. The IT team uncovered a file in the same folder from a Russian hacking organization called "Conti". The file was cryptically named "We gotcha".
A COSTLY PAYOUT
Not only did this incident cause the company downtime, but there was only one way that they could retrieve their data again.
Conti asked for a whopping $5 million in exchange for this file. This company would lose double that amount due to the ransom, data loss, and business outage combined.
Now, this company runs ongoing maintenance to protect their data from internet goblins like Conti. As for the CEO? Legend says that to this day he can still hear the voices that encouraged him to secure his data before Conti attacked.
DON'T WAIT UNTIL YOU HEAR VOICES TOO
If you'd like to make sure that your IT system is secure to prevent events like this one from happening to your business, consider our IT Security and Infrastructure Assessment. It's a natural repellent to those pesky haunted voices.
a data thief in the night
This last Spooky Tale of Cyber Crime takes us on a short trip back in time to the summer of 2018. What started out like a normal summer ended up being a nightmare unlike any other.
One nonprofit medical company bound by HIPPA would go about their daily operations as usual while, unbeknownst to them, hackers were creeping into their data. These hackers were preparing to lock the company out and issue a major blow.
WHO YOU GONNA CALL?
Because this company had a lack of current cyber security systems, Vulnerability Scanning, and even Security Awareness Training, they left themselves vulnerable to hackers.
These mysterious hackers ended up requesting approximately $50,000 to return the data back to its rightful company.
In order to clean up this mess, an IT team was sent to the site to decrypt the data on their workstations. This process took 2 ½ to 3 weeks to fully recover everything.
RECOVERING FROM THE ATTACK
Luckily, the company was advised and assisted in incident response. Over the course of 1 week, their servers were systematically restored.
They also engaged their cyber insurance and are currently working with Forensics teams on the data breach, even today. With an event like this one in their history, it's not surprising that they opted to improve their IT environment in every way possible.
DOn't become another spooky tale
We hope these stories can give you a glimpse into all the ghouls, goblins, and witches that prey on IT environments that are not prepared or protected.
There's always one out there waiting for the right opportunity, but you don't have to leave your business wide open. Contact Centre Technologies to ensure that you too don't become another spooky tale of cyber crime.