How Malware Strikes: A cautionary tale

Have you ever had your phone go missing? What if that missing phone ended up in the hands of a malicious hacker? It's a scary thought, but it's a reality that some people have unfortunately faced. Today, we share the chilling tale of one person whose lost mobile phone ended up being used as a tool to spread malware in the company they worked for.

Through this story, we'll learn what you can do to protect yourself and your data. So, join us as we take a deep dive into this cautionary tale of malware…

Alex has been running his own recruitment company for the past 4 years. Business is growing at a good pace and the future looks promising. Alex is a good boss and has a team of 8 working for him.

Last December Alex treated the staff to a Christmas team night out, everyone had a great time. Only problem? Sophie the office admin manager, had a few too many cocktails and, on the way home she left her phone in the taxi.?

She was devastated. She tried to trace her phone the next morning but had no luck. She didn’t want it to ruin her Christmas so she decided to use a spare phone over the holidays and deal with replacing her lost phone in the new year.

Everyone had a great Christmas and before they knew it the holidays were over and it was back to work in January. Sophie told her colleagues the story of how she lost her phone in the taxi on the night of the Christmas party but luckily she was able to get a replacement pretty quickly.

Unbeknown to anybody the recruitment agency had been hacked over Christmas and there was malware on the company’s network.?It wasn’t until March that things started to go terribly wrong.

Malware takes many different forms, it can look different for everyone. However, some of the most common symptoms of malware infection include:

• Slow system:?One of the most common signs of malware is a slow computer. Malware can noticeably slow down your operating system, programs and bandwidth.
• Lack of storage:?Malware can eat up storage space, leaving little room for legitimate programs and files. If a plague of unfamiliar programs is slowing down your computer, search the programs’ names online to make sure malware hasn’t infected your device.
• Crashing or freezing:?Either technical problems or malware could cause regular computer crashes. Make sure that all your drivers are up to date and your programs are compatible with your hardware. If it’s not a hardware or software issue, malware might be causing your Blue Screen of Death.
• Pop-ups and unwanted programs:?Constant pop-ups or unfamiliar toolbars are one of the most annoying signs of malware. Don’t click on any pages or toolbars that pop up out of the blue — close out of the program and run your anti-malware software immediately.
• Spam:?If your co-workers mention that they’ve been receiving messages from you that you don’t remember sending, you’re likely a victim of malware. Caution them not to open any links or attachments within the messages.

Alex had always felt confident in his technical skills until, after months of computer crashes and staff members getting increasingly frustrated with him, he finally called IT Support. The experts found out that a virus had been on the network since Christmas - remember when Sophie lost her phone? It ended up in the wrong hands; so much for password rules. As Sophie was the office manager, she had full control over everything: payroll information, client data, HR records, finance reports.

Alex had no choice but to report the data breach to the Information Commissioners Office (ICO), clients, and staff. The ICO investigated the data breach and fined the company for not having proper procedures in place to protect their or their client's data. As with most horror stories, there was no happy ending - due to the cost of the fine and damage done to its reputation, Alex's business couldn't recover; it folded.

This story is an unfortunate yet realistic warning for all small businesses who don’t understand the dangers of cybersecurity.

How could this situation have been prevented?

Access All Areas: Sophie having full access to all data is a big no-no.?We strongly advise all members of staff only have access to their specific area.

Enable 2FA: Ensuring all staff has Two-factor authentication enabled is adding an extra layer of security to your data.

Staff training: A potential data breach needs to be reported immediately. Having this process documented in your IT policy is vital and ensuring your staff are fully aware of the policies and procedures. Here are six IT polices you need to have in order to keep company information secure.

As a business owner, it's vital that you are supported by technology and cybersecurity experts to precent incidents like the above happening.?

Get in touch with the team at Focus Technology Solutions to ensure your business doesn’t end up like Alex’s.