The recent outbreak of the WannaCry ransomeware and the havoc it created globally is a grim reminder of the susceptible state of our online security systems. Such events have shown that no-one is immune to cyber crimes – not large corporations, small businesses, startups, government agencies or even your most benign looking single user.
According to IBM, 62% of all cyber-attacks are targeted towards small and mid-sized businesses. The stats are about 4,000 per day. Small businesses are easy targets due to ease of penetration. A majority of small businesses overlook the importance of securing their online businesses and often become targets of hackers who look to steal or expose essential company data. The range of cyber-crime varies from stealing information to rob bank accounts via wire transfers; steal customers’ personal identity information; file for fraudulent tax refunds or commit health insurance or Medicare fraud.
While some businesses manage to recover their losses, few others are not so lucky and unfortunately have the shutdown. Listed below are the companies which had to shut down their businesses on incurring huge losses due to data breach.
1. Code Spaces
Code Spaces, which was a source code hosting service offering a suite of project management tools to its users, had to shut down in the wake of a devastating hack which wiped away vast amount of data, backups, machine configurations and offsite backups. This happened when the attacker initiated a DDoS attack accompanied by an intrusion into Code Spaces’ Amazon EC2 control panel.
Code Space hack announcement
Even after the attack, the company was unable to resolve the issue and refund the customers who were left without the service they paid for. This led to a huge damage to the company’s credibility and financial position in the market, and eventually a complete shutdown of its services.
The notorious WannaCry affected many systems globally, and one of them was Telefonica: A Spanish telecommunications company. With the ransomware sweeping through its systems, the IT dept of the company had to swiftly shut down all computers systems and VPN systems to limit the ransomware’s reach. According to a company statement, it appears that the ransomware managed to infect an internal server, from where it spread to employee PCs.
Flexispy, a company which marketed covert surveillance tools to jealous spouses and nervous parents — tools which can be installed on their laptops and mobile devices in order to hack into their digital activities, stored photos and messages — was shut down by 2 hackers. The hackers supplied Motherboard with the 13,000 account details of the hacked users of this company, as well as wiped all data from the company’s server.
FlexiSpy allowed the user to spy on anybody’s smartphone or laptop activities
However, the hacker behind the attack carried out his act as a sign of revolt against such demeaning activities, and said that what FlexiSpy allows people to do is “fucking seedy and skin-crawlingly revolting.” The hacker who went by the name ‘Leopard Boy’ states that the goal of this hack was to send a warning to such kinds of industries as a whole. They accessed and compromised the Domain Controller for all of the Windows domains, the internal SharePoint server, and began removing every kind of information and code they could – then handed much of it over to Motherboard reporters.
A similar company named Retina-X was also shut down by the same group of hackers.
4. Medstar Health
MedStar Health, a company that operates a chain of hospitals around the Baltimore and Washington in the US, became a victim of a hospital hack. The company’s network was attacked by an unknown virus leading to a shutdown of its patient database and email system.
A rather absurd hack as there was no bitcoin or any form of ransom request, but the company entered a crisis mode due to loss of all patient records and communication pagers. It largely exemplifies that the enthusiasm behind adopting electronic methods for health management also comes at a price. Such incidents gain widespread media coverage but despite that, a large number of health care organizations still have only a vague understanding of the range of cyberthreats they face.
While a lot of businesses are a continuous target of attackers, the most common and easy target is web businesses. Loopholes in popular CMS’s like Magento, WordPress, OpenCart etc. make them a prime target for attackers. A website firewall like Astra is a highly recommended solution for website security.