About the Firm
The client is a professional services organization in the Midwest and Western United States. They are a top player in their field regionally and have been a partner of GadellNet since 2017. With their permission, they let us share their journey to Multi-Factor Authentication (MFA), so you can make sure your organization is prepared.
About the Incident
The firm experienced a incident to their cloud-based email and file storage platform as a result of a targeted phishing attack. They were tipped off to the incident when the payroll system flagged a transaction for $150,000 for three hours of work made payable to a fictional employee. To compound the issue, the incident happened the same week that the payroll accountant and the company’s CEO were both out of the office.
The firm had transitioned to the cloud because of a ransomware attack on their previous on-premises environment. In that situation, the servers had been taken hostage via the use of an old admin password. When the cloud migration project was completed, the firm was advised to implement multi-factor authentication. They opted out of the implementation until a more convenient time.
As soon as the incident was mitigated by GadellNet’s cybersecurity team and the environment had been resecured, the main point of contact met with their dedicated GadellNet account manager to talk about implementing MFA.
Key Learnings
- Being proactive by implementing security measures like Multi-Factor Authentication is the best deterrent for data incidents.
- Most data incidents occur because an employee accidentally lets in a bad actor. These guys are getting good, not to mention patient, which is why it is of paramount importance to train employees on how to detect phishing scams.
- Since email addresses are usually also a username, hackers already have access to half the information they need to access the system.
- Employees can be targeted based on their role within the organization.
- Once an incident has occurred, it is likely that the bad actor will return in short succession. Remaining vigilant, even after the first attack has been stopped, is the best way to protect against further data loss.
The Result
MFA can seem like an annoying extra step, but it could be the difference between a secure server and a major incident. Since GadellNet implemented MFA, the firm’s leadership have reported that they sleep better at night knowing that the solution stops 99.9% of attacks from email.
Attacks like this one can no longer be treated as an “if…”, they are a “when…”. Bad actors are becoming more adept at infiltrating your systems and attacks are becoming harder to identify. Without proper cybersecurity precautions, your organization could be left exposed. If you have questions about how to activate MFA at your organization, please contact us today.