A CASE OF THE MONDAYS…

Read an all-too-common real-life story of the vulnerabilities your computer network may be subject to.

In the world of IT, one day of the week always seems to bring on a flurry of frantic support phone calls: Monday.  Most office staff take the weekend off and return on Monday to share stories of their weekend adventures with whoever is within earshot.

One particular Monday, a customer of ours had just returned from a relaxing weekend away with her girlfriends.  Sitting down at her PC, she logged in and went through her standard ritual of checking email, logging into her social media feeds, and lastly opening her accounting program.  Much to her surprise, she received an error indicating that the system was unable to open the accounting file because it was corrupt.  Upon further investigation she discovered that other files within the accounting shared folder were producing the same error: files may be corrupt.  Confused and frustrated, she picked up the phone and called us to investigate.

Our technician arrived on site to troubleshoot, starting with her PC: running a full system malware scan and checking for the usual indicators of a system infection.  To our surprise, the scan completed and reported no infections.  What could have caused the corruption of the data files in the shared folder?  We put a few more questions to the customer: who else has access to this office and to the shared files?  Ah, her husband was around the office on the weekend and, come to think of it, had mentioned receiving some strange emails, one with a link from their bank.  Bingo!

Jumping to the second PC, our technician went to work checking his documents folder for signs of tampering, and there it was: a single text file placed where the user would easily find it.  The message was quite simple, something to the effect of “your files have been locked by cryptolocker and you must pay to receive the key to unlock your files.”  A case of ransomware: the customer's files were being held until they paid the ransom.  Because his PC had access to the shared folder on her PC, the malware was able to reach the accounting files and encrypt them.

So how did we save the day and recover the files?  Luckily, the customer subscribes to our Secure Online Backup service.  Using the previous Friday's backup, we were able to recover the accounting files and get her PC back up and running again.  As for his computer, we performed a full format and reinstall of his operating system, then restored his files from his PC’s Secure Online Backup folder.  Needless to say, he no longer has access to the accounting share on her PC.

Situations similar to this malware attack are becoming commonplace in today's SMB market, as most small shops don’t think the bad guy will come after their information.  “What do I have that they want?” is the response we usually hear when broaching the topic with these customers.  In this particular case, everything.  With their files locked by the malware they had nothing, and the business would have essentially stopped.  And without the offsite backup, they would have been forced either to try paying the requested ransom and hope their files would be unlocked, or to format the system and start from square one.

So how do you prevent a malware attack from happening at your business?  At The Phone Experts IT Solutions we recommend a layered approach to security, working from the outer edge of your network down to the individual workstation, laptop or tablet.

The outer edge – A big box store router is not enough to protect your business's network.  Business security starts with a Next Generation Firewall.  One that utilizes packet inspection technology, intrusion detection, and even content filtering will go a long way toward stopping these malware attacks at the edge of your network.

Network / Wi-Fi – How do your PCs connect to your network?  Is there a network plug in each office, one in the boardroom and perhaps a spare beside the reception desk?  How about wireless?  Everyone needs Wi-Fi these days, but how do you know it’s secure?  Did Jack share the Wi-Fi key with Jane, or is it perhaps listed on a sticky note at the reception desk?  Ensuring your network connections are authorized and secure can be achieved via 802.1X authentication, enterprise-grade security that even the small shops can afford.

Server / Desktop / Laptop / Tablet – Most infections come through the systems used by your staff: links in emails, social media feeds, Java vulnerabilities.  Having lightweight antivirus / antimalware software on your servers, workstations and portable PCs is critical to the overall security of your network, especially if your organization allows these systems to travel outside the corporate network.

Backup and Recovery – In the event that something does get through your lines of defense, a reliable and recent backup is your golden ticket to returning your network to a healthy state.

The Phone Experts IT Solutions team has your network security covered.  Contact us today for your no-obligation network assessment and security review.

David Hetherington
Technical Team Lead

Phone Experts IT Solutions
