INDUSTRY: Manufacturing
CHALLENGES:
RESULTS:
It was 4:00 in the morning, May 20, 2021. Matthew Day, CIO of Langs Building Supplies (Langs) was excited for a long-anticipated holiday after 14 months of lockdown due to COVID-19. His wife was thrilled. All of his friends, ecstatic. But the day took an unexpected turn. Instead of waking up delighted to leave for his getaway, Day woke up to every CIO’s worst nightmare, the dreaded phone call, “We’ve been hacked.” Upon arrival at his office, he tried to bring up the system. Nothing. Instead, what came up was a ransom note, ‘You’ve been hacked’. This is when he realized, “This is not just an unplanned outage. This is a targeted attack. We were profiled,” said Day. “The hackers looked at our business and they took their time. They found a source that we trusted implicitly.” The hacker’s attack vector was a legitimate looking email that came from a proper email address, from the right account, in the right format. The one slight detail that was off was the link within the email. The link that Day’s accounting team typically uses to send purchase orders did not go to them. Instead, it went somewhere else. Two weeks later, the hackers had access to Langs’ systems. They kicked off the malicious attack at 2:00 AM, when they knew no one would be around. “The hackers are smart. So the attack came in waves,” Day explained. The first wave was Friday morning when he got the call. Aaron Pritchard, Langs’ IT Systems Analyst, spent the day cleaning up their environment. Just when they thought they were able to go home, they decided to test the network once more. After logging in remotely, they realized they could not get in. “This was a pretty scary moment,” Pritchard said about being compromised again.