When most people hear about a cyber attack, they most likely think of a massive-scale attack against a large corporation that includes some form of malware. While these things are true, in actuality a cyber attack can take many forms, and today I am going to walk you through several cyber attacks to debunk a few myths about them.

The Myths

  1. Organizations can be too small to be the victim of a cyber attack.

What you need to know

Before I get started on breaking these attacks down, there are some things we need to define.

  • Antivirus: Antivirus software, or anti-virus software, also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Antivirus software was originally developed to detect and remove computer viruses, hence the name. (Source: Wikipedia)

Attack 1: Retail Ransom

A few years back I received a phone call from a small retail organization that had lost access to all of their files and needed their access restored. At the time I knew nothing about their environment, as I had never engaged with them until this point outside of an initial phone call days before. Upon arriving, I was quickly brought up to speed on their infrastructure, which consisted of two computers being used as point-of-sale systems and a server that hosted their financial software and was connected to the other two systems. After a very brief investigation, I came to realize that their systems had been compromised and all of their information had been ransomed via ransomware. The attack can be broken down as follows:

  1. The attacker sent an employee a compromised email containing an infected spreadsheet.

After this attack, luckily I was able to help them rebuild the lost data from outside sources. However, it took a total of 18 months for the customer to completely recover all the lost information and re-inventory their warehouse. When we look at this scenario, we see that the first myth gets completely busted, as this organization only had three systems and the effects of this attack were thousands of dollars in operational cost to recover.

Attack 2: Contractor Contact

A more recent attack happened earlier this week: we saw one of our clients get attacked via a phishing campaign from a known good vendor. This attack can be broken down into the following steps:

  1. Our client’s vendor had fallen victim to a cyber attack the following week and the attackers had gained complete access to the vendor’s email systems.

This attack gained little ground, though, once they harvested credentials from the assistant. This is due to the security practices that we enforce for our clients, which blocked the credentials from being used to log in successfully. Looking at this attack, though, you can see that it debunked both the second and third myths, as the attackers used nothing more than an email and a fake website, neither of which is a form of malware or an attack vector that antivirus would catch. It is also worth noting that while we stopped the attack and rendered it useless, every other organization in the vendor’s contacts probably didn’t, and this attacker will more than likely move between victims until they reach a larger organization. Once a larger organization is reached, a more powerful campaign would be launched, and if it is infiltrated, the organization that the attacker pivoted from will probably be on the hook for the damages caused.

Attack 3: Municipal Mayhem

We are privileged to be able to tell this story from one of our cybersecurity partners and report that they completely stopped this attack. During the attack, the threat actor took the following steps to attack a municipality:

  1. A phishing email was sent to a city employee which was used to deploy an executable file. The phishing campaign was successful and the threat actor stole the employee’s login credentials.

How to stay safe?

Email Security: One of the common denominators in all the attacks was the use of email as the entry point. Though email is not the only entry point that an attacker can use, it is the most common. At Lockedheart we push our clients to use both a spam filtering service and an AI-based anti-phishing tool to stop email threats before they make it to the inbox of end-users.

Layered Endpoint Protection: There is no silver bullet for cybersecurity, and if someone tells you there is, they are lying. Cybersecurity should be taken on in layers of protection. At Lockedheart we use several layers of security for our clients, from the cloud to the endpoint. This was seen in attack two: even though credentials were stolen, a secondary defense was able to stop the attack.

Password Management: The most cost-effective way to stop cyber attacks for small and medium businesses is the use of a password manager. Password managers come standard in our managed services offerings. They cut down on cyber attacks because, as in attack two, when credentials are stolen they can be replaced much faster, and not by another common password that is used for other accounts.

Want to learn more about keeping your organization safe from cyberattacks? Contact inquiry@lockedheart.tech, call (470) 440–0548 today, or visit https://lockedheart.tech.

Lockedheart Technologies

Official Medium page of LockedHeart Technologies