Ransomware Incident — Close to Home

Ransomware Incident — Close to Home

Ransomware threats are something we read about in the news and don’t believe it will ever happen to our organization.  Right?  Wrong.  Ransomware threats are real. 

Earlier this year we helped a client resolve a ransomware attack that could have been devastating for their business. 

It was that historical day of January 6, 2021, when client texts set Deborah Moses’s mobile phone buzzing.  Her team members had already received calls and emails and were on a mission to put out a fire – a key client had been hacked and a ransomware attack took over their computer network and servers.  The VerisVisalign team moved quickly and was able to recover all data from the cloud backups that had been put in place.

Fortunately, once resolved, this hacker divulged how they were able to gain access to the network. In this instance, an old laptop was deployed for an employee who logged in to the servers remotely. There were numerous issues that resulted in vulnerability and ultimately access. First, the end user was logging in using a shared account with a very simple password. The password was very common and easy for the hacker to guess. Second, the end user account did not have multi-factor authentication enforced. Once the hacker guessed the simple password, they had unchallenged access and were in a position to spread the ransomware throughout the environment. Third, the administrator password had not been changed and was fairly simple to crack. The hacker was able to gain administrator access to the client network and servers and deploy their ransomware.

This ransomware attack caused a very stressful week for our client and team as we all worked diligently to identify and resolve the problem.  Having the right security protocols in place, such as Microsoft threat protection, is a step in the right direction to avoid ransomware attacks, and having data backed up to the cloud allows you to recover your data. But, security goes beyond just deploying tools and ultimately requires additional best-practices to be in place as well. 

Through assessments and workshops, we can help you avoid potential disaster and increase your confidence and security for today’s remote work world.  Reach out if you’d like to discuss and learn more.