Mar 8, 2024 | Case Studies

A Company’s Ransomware Nightmare

Why Cyber-Security Should Be in Your Board Room Discussions

In the ever-evolving landscape of cyber threats, ransomware remains a formidable challenge for businesses of all sizes. This article describes a real-life scenario in which a UK-based company, with hundreds of users, fell victim to a ransomware attack. Their experience serves as a cautionary tale for businesses to proactively fortify their cyber defences.

The Incident
Late one night, over a weekend, an external attacker executed a ransomware attack through a workstation equipped with remote access software. The initial breach was the result of a phishing attack, which allowed the hacker to gain remote access to a computer through a seemingly trivial website. Having roamed the digital corridors of the company, the hacker identified valuable assets and planned the most effective way to cause the maximum damage.

Unfortunately, some older servers were still on the network, and because of this weak encryption was in use. This made it easier for the hacker to enumerate user accounts and then use them to access critical data and execute the ransomware attack, encrypting file shares, servers, services and anything attached to the network. Fortunately, the company’s tape backups, being offline, remained unaffected, enabling a gradual recovery of operations.

Involvement of Computer Care
Computer Care was approached to diagnose the breach, understand its origins, and formulate strategies to prevent future occurrences.
The investigation revealed several critical shortcomings:
1. Inadequate Antivirus Protection: The company used a standard antivirus product, which lacked advanced, non-signature-based features essential for modern cybersecurity. Non-signature methods, unlike traditional ones, monitor the intent or behaviour of software, effectively blocking suspicious activities.

2. Outdated Infrastructure: Their firewall systems were outdated and lacked essential features like zero trust network access and Unified Threat Protection (UTP). Additionally, the use of obsolete Windows servers significantly weakened their security posture, as the network had to operate at the security level of the most outdated system.

3. VPN Vulnerabilities: The use of Synology VPN software, necessitated by their old firewalls’ inability to support VPNs, exposed the internal network to risks, as it allowed direct internet traffic into the network.

Recovery and Reinforcement Measures
The primary response involved upgrading their cybersecurity infrastructure:
– Replacement of the old antivirus with sophisticated alternatives like Sophos or Trend Micro, which offer enhanced monitoring and proactive threat detection.
– Phasing out of outdated servers, to eliminate weak links in the security chain.
– Implementation of modern Fortinet firewalls, featuring zero trust network access and UTP, to robustly monitor and control network traffic.
– Replacement of the vulnerable VPN system with more secure alternatives, integrated within the new firewalls.

Key Takeaways and Conclusion
The incident underscores the criticality of staying vigilant and updated in cybersecurity practices.
The following lessons emerge for business owners:
1. Regular Updates and Upgrades: Continuously update and upgrade both software and hardware components to keep pace with evolving cyber threats.
2. Choosing the Right Protection: Opt for antivirus solutions that offer advanced, behaviour-based threat detection and response capabilities.
3. Heeding Expert Advice: Proactively engage with cybersecurity experts and heed their advice to address potential vulnerabilities before they are exploited.
4. Comprehensive Audits: Regularly conduct thorough audits of your network and systems to identify and rectify potential security loopholes.

The recovery story of this company, from a victim of a ransomware attack to a business with strengthened cybersecurity, exemplifies the importance of proactive measures. Business owners must recognise that cybersecurity is an ongoing process, requiring constant vigilance and adaptation to emerging threats. Don’t wait to become a victim; act now to protect your business.
