Imagine this....
It is Tuesday morning, 8:42 am. The law office you work for is busy, phones are ringing and staff and chatting back and forth.
The phone rings at your desk, you answer. The caller informs you that a wire transfer for one of your clients finalizing a real-estate deal is happening in the next few minutes. You are going to receive an email with instructions.
Nothing out of the ordinary, this is a routine occurrence.
A few minutes after you hang up the phone you do in fact receive the email with instructions, the documents for signature are accessed via a Dropbox link which is not normal but you have seen it before (these companies all do something different) you think to yourself. You click on the link to access the instructions and print them to show your boss and get a signature.
Something is wrong....
A few minutes after you printed the documents and walked them to the office down the hall you hear Jan saying she cant open her email....Paul across the hall steps out and says the share drive is down for him.
You rush back to your computer fearing what you might find.....
This scenario is unfortunately not an uncommon one. Luckily for those involved the computers they utilize are protected by cutting edge security software and a highly sophisticated Security Operations Center team. The malicious code that was designed to spread throughout the office once the "documents" were downloaded in fact did not spread. The computer where the breach was initiated was safely locked down and sanitized.
Moral of the story:
Security is about layering defense and offense. It is a team sport. This time Huntress industry leading EDR and SOC stopped this nightmare in its tracks. Ensure that your team is employing the best security technology and combine that with training for your staff about threats and scams to be aware of.
The bad guys do not rest, neither can we.