Why two-factor authentication alone doesn’t cut it

Imagine someone tampering with your emails, changing bank details on invoices, trying to siphon off your hard-earned money.  

We’re hearing this story far too often these days. Local businesses with employees, projects, equipment and customers are becoming victims of some of the most sophisticated hacks we’ve ever seen.

Someone in the organisation clicks a link in an email, which gives the hackers access to their device. The breached computer holds cookies and Microsoft 365 session information, and with these the fraudsters are able to gain access from overseas, completely bypassing two-factor authentication.

Unnoticed, the code sits in the business’s IT system, busily gathering information. As the cyber criminals access Microsoft 365 login sessions, they now have access to the CEO’s inbox and sit watching, learning, getting ready to pounce.

Once they’re ready, they start to manipulate the flow of incoming and outgoing emails.  

 Targeting outgoing emails with invoices attached, the cyber criminals alter PDF invoices to change bank details, aiming to get customers to make a legitimate money transfer into their account.  Someone forgets to check the bank details on the other end and whoops, a payment transfer is off to the wrong account. 

 How long does this go on without detection? A day? A week? A month? 

Once the breach is mitigated, the hackers move on to phase 2.

Spam emails go to EVERY email address the business has ever been in contact with. Hours and hours are lost trying to identify the weaknesses, deal with the fallout for staff and manage reputation damage with clients and suppliers.

 Improved cyber security measures 

Unfortunately, this story isn’t unusual. This nightmare highlights significant gaps in a business’s IT system. The protection measures we used 10 years ago, five years ago, even one year ago aren’t enough to properly detect or protect from the threats we see today. 

 Every business needs to step up their cyber security massively, to implement a holistic 360-degree solution. 

By integrating a few security measures, you can drastically reduce your risk. This could include:

  • 24/7 security monitoring systems that flag and check any number of security metrics.
  • Upgrading Microsoft 365 licences to implement conditional access, which prevents logins from overseas and unknown computers.
  • Implementing new internal policies for staff. 

 Cyber security breaches are preventable 

  • Premium Microsoft 365 licences have Conditional Access on individual files, which blocks overseas logins and only allows logins from registered devices.
  • 365 Monitoring creates alerts for overseas login attempts.
  • Endpoint Detection and Response (EDR) is an endpoint security solution that continuously monitors end-user devices to detect and respond to cyber threats. 
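
The overseas-login alerting described above, sketched as an added example (not this page's or Microsoft's own code). It runs over constructed sign-in records with simplified, assumed field names and an assumed home country of AU, and separates a session that reappears in a new country without a fresh MFA prompt from an ordinary overseas sign-in.

```python
# Added example: constructed data and assumed field names, not a real export schema.
HOME_COUNTRIES = {"AU"}  # assumption: where staff normally sign in

def ev(time, user, session, country, registered, mfa):
    return {"time": time, "user": user, "session": session, "country": country,
            "device_registered": registered, "mfa_prompted": mfa}

SAMPLE_EVENTS = [
    ev("2024-05-01T08:02:11Z", "ceo@example.com", "s-100", "AU", True, True),
    ev("2024-05-01T08:30:00Z", "accounts@example.com", "s-200", "AU", True, True),
    ev("2024-05-01T08:40:03Z", "ceo@example.com", "s-100", "AU", True, False),
    # Same session shows up overseas ("XX" is a placeholder) on an unknown device.
    # No MFA prompt occurs: the copied session cookie already counts as signed in.
    ev("2024-05-01T09:15:47Z", "ceo@example.com", "s-100", "XX", False, False),
    # Staff member travelling: fresh sign-in with MFA on a registered device.
    ev("2024-05-01T10:05:20Z", "sales@example.com", "s-300", "NZ", True, True),
]

def find_alerts(events, home=HOME_COUNTRIES):
    """Return (severity, user, session, reason) tuples in time order."""
    alerts = []
    countries_seen = {}  # session id -> countries it has already been used from
    for e in sorted(events, key=lambda x: x["time"]):
        seen = countries_seen.setdefault(e["session"], set())
        moved = bool(seen) and e["country"] not in seen
        if moved and not e["mfa_prompted"]:
            alerts.append(("high", e["user"], e["session"],
                           "existing session reused from a new country without MFA"))
        elif e["country"] not in home or not e["device_registered"]:
            alerts.append(("medium", e["user"], e["session"],
                           "sign-in from overseas or an unregistered device"))
        seen.add(e["country"])
    return alerts

if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_EVENTS):
        print(*alert, sep=" | ")
```

The high-severity case is the one two-factor authentication never sees, because the reused session was already authenticated before it was copied.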

Cyber Smart Policies 

We advise all business owners to implement a policy of making a verification phone call when they see new bank account details for a supplier, or when they start working with a new supplier. This simple step can save your business thousands of dollars.

 Stay one step ahead of cyber criminals and safeguard your business’s financial well-being.  

 If you have specific cyber security questions, please feel free to book an IT Systems Review or call us to talk to a human IT Specialist.