Gary Hibberd

Author: Gary Hibberd

Date: 30th October 2020

 

It was a dark and stormy October evening when Sam sat quietly at home watching TV. The children were tucked up safely in bed, and she was relaxing watching re-runs of ‘Only fools and horses’, her favourite TV show.

Smiling at the screen, watching Del Boy and Trigger trying to act like ‘Yuppies’ in a wine bar, she glanced idly at her phone. At that exact moment, a notification appeared, telling her she had new mail.  Casually she picked up the phone and opened her inbox, and the email.

“Dear Sam, 

We’ve been alerted to a number of scam emails coming through, and have been monitoring the network closely. It would appear your malware protection has not been updated for some time, and we urgently need to rectify this.

You may have noticed your PC has been running slower over the last few days, and internet access may have also been affected. If this is not the case, then please ignore this message. However, if you feel there may be a problem, then we need to update your system as quickly as possible.

At your earliest convenience, please contact the helpdesk on 0800 456 123. We apologise in advance if there is a delay in responding as we’re trying to update a number of systems and our resources are limited.

Our team are operating 24 x 7 until this is resolved so please call us if you are in any doubt.

Thank you in advance.

Head of Technical Support

Melanie Shorter”

Sam placed the phone on the arm of the chair. An icy chill ran down her spine. Her Zoom calls did seem to be getting worse, but she put that down to the number of Zoom users. And her PC certainly hadn’t been running as fast as it had when she first got it.

As she watched Del Boy fall through the bar, and Trigger looking on confused, her mind began racing. “What about the Finance report I’ve been writing? Is that safe? What about the presentation to the Board?”

After ten minutes of deliberation, she decided to open her laptop. Sure enough, it opened, but it did seem slower than before.  Her heart began to beat heavily in her chest. The image of her manager berating her for not backing up her files, or losing the presentation and report only added to her rising anxiety.

Come On! What is wrong with you?! The laptop seemed to be mocking her as it launched each application in turn, and she eagerly ‘clicked’ her way through into her email, to read the message once more.

 

The Call

Reaching for her phone, she called the number and waited. After what seemed a life time, the phone was answered, but her heart sank.

“Thank you for your call. All our Engineers are busy right now. Please wait, and we’ll be with you shortly.”

Sam’s mind was beginning to swim; When was the last time that she rebooted the PC? Wasn’t she meant to do that daily? Or was it weekly? Did she need to do something to update the Malware software? Wasn’t that IT’s job?

After what seemed a lifetime, there was another voice at the end of the line.

“Hello. IT Support. How can I help?”

“Hi. Yes. I’ve just received your email about malware protection. I’ve noticed a few issues, but not sure if I’m running the most up to date software.”

“Ah. Ok. Thanks. I’m Frank, and I’m sure I can help. Don’t worry; it won’t take long.”

Franks reassuring tone instantly put Sam at ease. He didn’t sound frustrated or annoyed that she should be calling so late, and it was good to know that he’d be able to sort it out for her.

“So what I need from you is your email address, and I’ll send you a link. From there, I’ll be able to diagnose which version of the Malware software you have installed, and if needed, I can perform a remote update. I promise you won’t feel a thing!”

They both laughed as Sam provided her name and email address. To confirm he was speaking to the right person, Frank asked her to name her line manager and the name of the head of finance.

“You can never be too sure who you’re talking to,” Frank said, as he hit ‘send’ on the email.

Sam watched as Frank took over her PC and talked her through the process he was going through to verify her malware protection was up to date.  For some reason, her heart was pounding as she waited for the software to run its diagnostics and return the results. But Frank reassured her that there were a lot of people currently going through the same thing. “It’s nothing to worry about. We’ll get this updated soon enough.” He told her calmly.

Finally, Frank announced that she was ok. It was slightly out of date, but he confirmed that if she shut down her PC, not only would the update happen overnight, but her issues with the internet should be resolved too.

Sam breathed a sigh-of-relief… hung up the phone, with a heartfelt ‘Thanks’, and shut down her pc and retired to bed, for a peaceful nights sleep.

 

The Fall

For several days Sam went about her work as normal. Working remotely during COVID19 hadn’t represented too many issues for her. She was comfortable with holding video conference meetings and regularly catching up with her team meant it wasn’t such an issue.

As time passed by, Sam forgot about her call with Frank, and life continued as normal. That was until the day her line manager Clive called a team meeting.

“Guys, thanks for coming on the call today.  We’ve got a problem, and I’m here to deliver some bad news.  Our systems have been hacked by a team of hackers calling themselves ‘The Fall’. They’ve somehow found their way into the network, and they have stolen our customer database.

They emailed us this morning with a small batch, as a ‘sample’ of what they have, and they’re threatening to go public with it. If we don’t pay a ransom, they’ll inform the public, email our clients and have even said they’ll inform the ICO!”

Sam listened intently as Clive explained that they were working with the IT team to find out how they got in, but also with the police to agree on a way forward.

“We don’t’ really have a plan for this sort of thing.” Clive was explaining. “We thought we had all out bases covered, but it might be that they tricked someone into giving them access to our network. So if anyone received any emails, clicked on any links, talked to anyone suspicious, let us know.”

Sam’s finger hovered over the ‘unmute’ button, as she considered asking if anyone else had had a call from ‘Frank’? But she froze as if gripped by some invisible force. She knew that force was called fear. What would happen if she mentioned it? What if SHE was the one who allowed this to happen?

Clive was speaking, but Sam’s mind was racing. Better stay quiet and hope it all blows over, she thought to herself.

Finally, the meeting ended, and Sam slumped back on the sofa, breathed a heavy sigh, and closed her laptop.

 

The Fall-out

Sam was never quite sure why the company had to let so many people go. Perhaps it was the economy and the stresses of COVID19, or perhaps it was just because the company had decided it needed to streamline some of its processes.

Sam and more than half of the business were now looking for a new job. The incident with the hackers was a distant memory. I’m sure it had nothing to do with me, or that call, she thought as she scrolled through the ads for vacancies. I’m sure it was ok.

 

Moral of the story

It wasn’t ok…

The business was lost, and people lost their livelihoods, including Sam.

But what did Sam do wrong? Did she do anything wrong at all? What about the company? What lessons can we learn from this event?

The lessons are wide and varied. The lessons are there for all that wish to see them. Some are obvious, and others are not. 

If this happened to you, your team or your organisation, what would you do?

Not every horror story ends well… they’re called horror stories for a reason. 

Good luck. Sleep well… And don’t let the Cyber bugs byte!

Other resources

Cyber Success Stories

Cyberfort’s cybersecurity consultants work with everyone from public sector bodies and global businesses to SMEs and start-ups. Read our success stories here.
Find out more >

What can Cyberfort do for you?

Check out our factsheets for detailed information on the matrix of cybersecurity products and services we offer to protect your business.
Find out more >

Cyberfort Deep Dives

Cyberfort’s cybersecurity consultants explore issues in cyber threat intelligence, incident planning and data security. Read our whitepapers to help make decisions that benefit your business.
Find out more >

Receive knowledge to your inbox