Ransomware Risks from Poor Security Practices

Explore how proactive measures can protect against ransomware and secure your organization from cyber threats.

TL;DR: Sometimes employers don’t do enough to educate their workers about cybersecurity best practices. Sometimes employees fail to heed recommended security protocols. Two case studies show that being proactive protects against ransomware and prevents incidents.

Let me share a true story. The Cyology Labs team was called in to handle an incident response because a few executives’ email inboxes were being accessed by someone other than them. We quickly discovered that one of the organization’s techs was using duplicate credentials across multiple accounts and social media accounts. The company had failed to set up two-factor authentication on at least two of his accounts. Unfortunately, it was the administrator’s password.

The company had recommended two security best practices. First, do not use the same login for more than one account. Second, apply two-factor authentication for additional protection. The employee neglected to do so.

This weak security enabled hackers to easily infiltrate the company’s network, where they disabled and deleted all data backups, local and cloud. And after sabotaging the organization’s backups, the hackers then installed some ransomware and demanded payment. Without a usable backup, the company needed to pay the ransom to recover its data. The criminals wanted $700,000, and the client didn’t want to pay.

We negotiated down to $332,000, and the company paid it. It was either pay it or lose their business.

What You Can Do

First, set up automatic scans to check each client’s security settings on each network location. This ensures that your security policies are being enforced. Second, generate an automatic alert when two-factor authentication is not turned on where it should be. Third, a lot of businesses have never had an audit, or it’s been years since their last audit. Where they stand today is another question. We’ll even be able to pull up a report that shows suspicious failed logins. 

Why is an account failing logins over 40 times in the last 24 hours? Is this an attack, or a malfunctioning software? Who knows until we run the audit and perhaps discover embedded ransomware.

The sneaky former employer

In another case, we were called in when a company suspected a former employee of hacking their network. An engineer quit his job to start his own business in direct competition with the company he left. According to court documents, the engineer hacked his former company’s server using a former co-worker’s stolen credentials. 

Once inside the network, he was able to retrieve AutoCAD files, design schematics, project proposals, and budgetary documents, all information that could provide a competitive advantage over his former employer. The value attributed to the proprietary information he stole was between $250,000 and $550,000.

For his efforts, the engineer was sentenced to 18 months in prison and two years of supervised release.

What You Can Do About Ransomware

Establish “exit procedures” for employee turnover that include the immediate removal of ex-employees from Active Directory. Scan the network daily for suspicious log-in attempts by ex-employees and others, and generate an alert for each incident.

The businesses that benefit most are the ones that take the time to get their systems right first. Schedule an audit to defend against ransomware at www.CybersecurityMadeEasy.com to assess your readiness and strengthen your operational foundation before you start building on top of it.

Stay informed, protected, and one step ahead of fraudsters with Fraudster, the ultimate mobile app. Download now and receive real-time push notifications, stay updated on the latest frauds and scams, and gain valuable tips on safeguarding yourself. Available for iOS and Android, Fraudster is your trusted ally in the fight against fraud. Don’t wait! Visit http://www.FraudsterApp.com to learn more about our mission and start securing your digital world.

Scroll to Top