A few months back we received a call to our help desk with complaints about data not being accessible at one of our customer’s locations. Soon additional calls were landing with the same complaint.
It didn’t take long to realize something was really wrong!
Initial troubleshooting and investigation uncovered what we already feared: They had been hacked!!
Now, they had many security measures in place, how was this possible? We could not figure out how a hacker had come into the network, but we were determined to get to the root of this.
The first step was to determine the extent of the attack and ensure that backups were not compromised. Shared folders and the remote access server was completely encrypted, and a ransom note had been left on the desktop of the server. It didn’t look good!
We had good backups from the previous day, but while any normal business would have been a repair and move on situation, we were working for a Healthcare provider and we had to get other people involved. If data had been taken, the customer had to report it to the authorities and to each customer.
A Forensics Company was called in to analyze the attack and determine if data had been compromised.
In the meantime, we had to restore the network to operational state, which took three days of around the clock work and another week of adjusting. Because of the quality of the backups we were taking, there was no data lost, but for a few days the company was unable to operate at full capacity and was unable to take care of the patients as scheduled.
We also had to report the attack to the FBI, and answer their questions.
Of course, lawyers were called in as they will guide the reporting if required. A complete mess!
After few more weeks of forensic work and insurance and legal questioning, it was determined that no data had been taken from the network and the issue was put to bed. But was it?
The bills for forensic, legal and IT services added to over $10,000 for the customer in professional fees, and for us, it started a company revolution that would change ContinuIT from a technology management company to a Security Management company and ContinuIT Security Corporation was born. Our goal? Never have to see a customer experience the possibility of being out of business because of a cyber-attack!
Today, we deliver a full stack of managed security services that can virtually eliminate the possibility of a hacker getting inside your network and harm your business, your systems and with it the reputation you have worked so much to build.
Small Business are prime target for cybersecurity attacks, mostly because they have not implemented the proper security to remain safe against today’s threats.
To find out if you are leaving your company vulnerable, we are offering a FREE security assessment that will discover if you have the right systems in place to protect you!
The information we collect is not personally identifiable, provides us no access to your patient data or your network afterwards, and is kept confidential. We can only use it to generate the reports you need to fully understand your risk level and what actions need to take place to fix any problems we can find.
You can download a sample of the reports using the form on the right side of the screen.