The recent outbreak of the WannaCry ransomware and the havoc it created globally is a grim reminder of the susceptible state of our online security systems. Such events have shown that no-one is immune to cybercrimes – not large corporations, small businesses, startups, government agencies, or even your most benign-looking single user.
According to IBM, 62% of all cyber-attacks are targeted towards small and mid-sized businesses. The stats are about 4,000 per day. Small businesses are easy targets due to the ease of penetration. A majority of small businesses overlook the importance of securing their online businesses and often become targets of hackers who look to steal or expose essential company data. The range of cyber-crime varies from stealing information to robbing bank accounts via wire transfers; stealing customers’ personal identity information; filing for fraudulent tax refunds or commit health insurance or Medicare fraud.
While some businesses manage to recover their losses, few others are not so lucky and unfortunately have the shutdown. Listed below are the companies which had to shut down their businesses on incurring huge losses due to data breach.
1. Code Spaces
Code Spaces, which was a source code hosting service offering a suite of project management tools to its users, had to shut down in the wake of a devastating hack which wiped away vast amount of data, backups, machine configurations, and offsite backups. This happened when the attacker initiated a DDoS attack accompanied by an intrusion into Code Spaces’ Amazon EC2 control panel.
Even after the attack, the company was unable to resolve the issue and refund the customers who were left without the service they paid for. This led to a huge damage to the company’s credibility and financial position in the market, and eventually a complete shutdown of its services.
The notorious WannaCry affected many systems globally, and one of them was Telefonica: A Spanish telecommunications company. With the ransomware sweeping through its systems, the IT dept of the company had to swiftly shut down all computer systems and VPN systems to limit the ransomware’s reach. According to a company statement, it appears that the ransomware managed to infect an internal server, from where it spread to employee PCs.
Flexispy, a company which marketed covert surveillance tools to jealous spouses and nervous parents — tools which can be installed on their laptops and mobile devices in order to hack into their digital activities, stored photos, and messages — was shut down by 2 hackers. The hackers supplied Motherboard reporters with the 13,000 account details of the hacked users of this company, as well as all wiped data from the company’s server.
However, the hacker behind the attack carried out his act as a sign of revolt against such demeaning activities, and said that what FlexiSpy allows people to do is “fucking seedy and skin-crawlingly revolting.” The hacker who went by the name ‘Leopard Boy’ states that the goal of this hack was to send a warning to such kinds of industries as a whole. They accessed and compromised the Domain Controller for all of the Windows domains, the internal SharePoint server, and began removing every kind of information and code they could – then handed much of it over to Motherboard reporters.
A similar company named Retina-X was also shut down by the same group of hackers.
4. Medstar Health
MedStar Health, a company that operates a chain of hospitals around Baltimore and Washington in the US, became a victim of a hospital hack. The company’s network was attacked by an unknown virus leading to a shutdown of its patient database and email system.
A rather absurd hack as there was no bitcoin or any form of ransom request, but the company entered a crisis mode due to the loss of all patient records and communication pagers. It largely exemplifies that the enthusiasm behind adopting electronic methods for health management also comes at a price. Such incidents gain widespread media coverage but despite that, a large number of health care organizations still have only a vague understanding of the range of cyber threats they face.
While a lot of businesses are a continuous target of attackers, the most common and easy target is web businesses. Loopholes in popular CMS’s like Magento, WordPress, OpenCart etc. make them a prime target for attackers. A website firewall like Astra is a highly recommended solution for website security.