Captain Picard, the Borg, and your Network Security

I love the Star Trek series. A specific episode came to mind when we got the call from a client in IL that their corporate office’s systems had been hacked. But let’s start with the story…

Captain Picard has been assimilated by the Borg and is ‘resisting.’ The crew have somehow got him back to the ship and they’re trying to save themselves from a Borg attack. The Captain struggles through his situation and says ‘sleep’ a few times. The crew finally understands that they should send a command to the drones to ‘sleep’ since it is a low-security command. The crew sends the entire Borg vessel the command to sleep, and they obediently do so, thus saving the Enterprise!

So what does this have to do with our client back in IL? Everything – their corporate offices were hacked through a low-level service account. It was an unimportant service account that did not get the same scrutiny as the rest of the network accounts. It had a weak password, and it could reach everywhere in the system – which is exactly what the attack did. Through this unimportant ‘sleep’ command, the attack hit every server in the multi-state organization and mayhem was right behind.

Fortunately for our client in IL, they have our Datto Backup unit. It’s WAY more than a backup device; it’s a Disaster Recovery unit, and it definitely saved the day. Through some excellent efforts by the client’s onsite IT person, supported by some great work and extra effort by Syscon technicians, their data was restored to its state prior to the hack and they were back to work. Many of the corporate offices did not fare so well.

So, what would it cost if you lost all your payroll data so far this year and had to re-enter all employee data (where are those W-4 forms?) and all their payroll detail since January? What if you lost your Receivables list (who owes you what)? What would it cost you to figure out who you had paid and who you still owed this year, and how much? What if you couldn’t access your contracts, pictures, and similar information?

Now, there are two lessons here. First, passwords need to be cycled frequently (at least every 90 days) and need to be ‘strong’. Second, it is incredibly expensive, and maybe even a death sentence to your business, to skimp on a Disaster Recovery plan and appropriate equipment. If you aren’t sure these are ‘all set’ at your company, it’s time to take action; give us a call! – CMW