Superior Consulting Services Responds to Recent Ransomware Attack at FIMC
September 26, 2018
Recent Ransomware Attack at FIMC
As much as we would love to be updating you on our much-anticipated SharePoint install and data warehouse build, sometimes we’re forced to put the brakes on our plans in order to accommodate unforeseen events. Such is the case recently at FIMC.
Summer was going along swimmingly. Bill and Bella, while initially a bit reluctant to hand over the business, finally settled into the retired life. They went on their first vacation in years and were truly able to relax! With each passing week, they felt increasing confidence in their two sons and their ability to successfully handle day-to-day business operations. They were beginning to understand why John and Dustin brought in SCS to create technology solutions and what they didn’t understand seemed to be working regardless, so they quit questioning every decision their sons made.
The Call No One Wants to Get
At the end of August, however, Dustin called us in a panic. FIMC’s computer system had been attacked by ransomware. Less than a week shy of starting on our next phase of updates – a SharePoint install and data warehouse build – we changed course and got right to work on their emergency. The first step? Calming Dustin down. We assured him that our infrastructure team is highly trained in the ins and outs of data security – both in assessing vulnerabilities and in restoring lost data. While this wasn’t going to be an easy task, we knew precisely where we had to start.
SCS Comes to the Rescue
Fortunately, the new owners had physical backups in place – one of the first updates they made when they took over company operations – and they didn’t have to pay the hacker’s ransom to decrypt their data. Unfortunately, however, the malware took out all of FIMC’s servers and email. In the process of restoring the servers, we discovered that their backups could be more secure and made a few tweaks to increase their security. Even though they weren’t yet operating with cloud servers, their basic backup system made it possible to restore all their missing files – a tremendous relief for all involved!
How Did FIMC Become Vulnerable?
Just like John and Dustin, you’re probably wondering how FIMC became vulnerable to the security breach in the first place. FIMC, like most companies, receives an influx of daily email from outside vendors, all of which looks legit to an untrained eye. As it turns out, however, one of the recent vendor emails had been hacked, and when someone internal opened a malicious email with macros enabled, the hacker wiggled their way in and bam! Ransomware.
Deciphering Legit Emails From Their Malicious Counterparts
It’s crucial to be able to decipher legit emails from their malicious counterparts. Our team sat down with Dustin and his management team and taught them what to look for in order to readily spot malicious emails. Some of the red flags to look for are instances where…
The message contains an embedded/mismatched URL
The message contains typos and poor spelling or grammar
The message pertains to something unexpected or uninitiated
As you might imagine, Bill and Bella were worried sick when they first learned about the attack. However, once they realized that having backups meant the lost data could be restored, they breathed a sigh of relief. Bill admitted that John and Dustin’s proactive backup plan was a wise idea. “Initially, I thought it was silly. I mean, we had been operating for decades without backups in place and there can be a hefty price tag when it comes to technology like that. Besides, we were always careful to keep our data secure. Well, let’s just say, it was a smart move. And it’s a good thing this didn’t happen 12 months ago!”
Looking Forward to Our Next Project
Now that the ransomware attack is behind us, we are excited to circle back to our SharePoint install and data warehouse build, which is rescheduled to begin in the first part of October.
Disclosure: Foam Injection Mold Company is a fictional organization created to allow SCS to more fully convey the details of business needs and technical environments related to actual solutions created by SCS without infringing upon the privacy of our clients. All SCS consultants, technical expertise, consulting services provided, and implemented solutions referred to in the Foam Injection Mold Company articles are real! Only the client names and lines of business have been changed to protect the innocent.