Lessons Learned from Companies That Have Been Hacked

Over the course of the past few years, company data breaches and cyber security attacks seem almost commonplace.  It seems like the list of companies that have been hacked keeps growing — and many of these companies are household names. But anyone can be the target of destructive technologies. So when we look at what went wrong, there are often lessons that apply to the rest of us. Lesson that can help us protect our own businesses and stay out of harm’s way.  Here are a few of our takeaways:

Lesson #1:  Encrypt Your Portable Devices

Coca-Cola learned this lesson the hard way in 2013 when an employee stole 55 laptops from the company’s Atlanta headquarters between 2007 and 2013. As many as 74,000 employees, contractors and suppliers, were left vulnerable to identity thieves, who used their personal information to make purchases, open new accounts — even apply for jobs.

How to Help Lower Your Risk

Encrypt your company’s laptops and other portable devices, so if any of them are lost or stolen, it will be more difficult to access your data. You’ll also want to perform a clean wipe on all computers that are returned when employees leave your company.

Lesson #2:  Be Wary of Insider Threats

The Coca-Cola breach is also a prime example of the damage employees (and former employees) can inflict on businesses that aren’t prepared to handle insider threats. In addition to stealing equipment and data, employees can accidentally download potential viruses and malware or put your data at risk by sending unencrypted files.

How to Help Lower Your Risk

While Data Loss Prevention (DLP) solutions can help, it’s also important to train your employees on company policy, look for trends in suspicious user behavior, and be wary of employees who fit these at risk profiles.

Lesson #3: Your People Can Be Your Weakest Link or Your First Line of Defense

In March of 2011 a group of hackers posed as people RSA employees trusted to gain access to the company’s network. It is estimated that around 40 million employee records were stolen.

How to Help Lower Your Risk

While it’s good to update your software, put up firewalls and install anti-virus software, an experienced social engineer can bypass all of that with one phone call or email.  That’s why it’s so important to train your people. If they know what to watch out for and how to respond, your IT infrastructure will be that much safer.

Lesson #4:  Critical Updates Are Critical

In April of 2014, Premera Blue Cross received a report from federal auditors that they were vulnerable to a cyber attack.  The audit said that the company wasn’t installing critical updates and patches in a timely manner — and software vendors no longer supported some of their applications.  Three weeks later, the company was hacked.

How to Help Lower Your Risk

When you keep your infrastructure up to date, you keep your virtual fortress strong and less vulnerable to cyber security attacks. That’s why it’s so important to install updates and patches right away, and to have your infrastructure monitored for possible weaknesses.

Protect What’s Yours

In some cases, companies that have been hacked could have done things differently. Other times, they put preventative measures in place, and an attack still happened. No one is immune, but prevention is key. So if you’re concerned that your IT infrastructure is vulnerable, talk to UDT.  We can take a look at your entire data center and make recommendations based on your needs and your budget. Contact us for a free consultation.

Accomplish More With UDT

Get your custom solution in cybersecurity, lifecycle management, digital transformation and managed IT services. Connect with our team today.

More to explore

Smishing Attacks are on the Rise—Here’s How To Keep Your Data Safe

Smishing attacks are on the rise, posing a significant threat to data security. Originating from a blend of SMS and Phishing, these attacks have seen a drastic increase since 2020. The widespread use of smishing attacks has persisted, with a lack of awareness being a major issue. Many view these as simple spam messages, unaware of the danger they pose. This blog aims to raise awareness about smishing and provide actionable insights to protect yourself and your organization.

5 Strategic Ways to Master Your IT Budget

Enhance finance IT efficiency with UDT and Cisco. Master IT budget planning, security, and innovation in the competitive industry.

IT Compliance Training for the Finance Industry (Get Your Resource Kit Now)

Download UDT’s IT Compliance Kit for financial services – empowering IT leaders to educate staff on compliance, data protection, and security.

Trend Alert! An Insider’s Look at the Latest IT Solutions for the Finance Industry

Explore the latest IT trends in finance and how UDT’s cutting-edge cybersecurity and managed IT services redefine security for the digital age.

Streamlining IT Operations in the Finance Industry—Top 10 Strategies for IT Leaders

Unleash the power of UDT and Cisco solutions with top 10 strategies to streamline IT operations for finance—enhancing security, compliance, and efficiency.

IT Leaders—Here’s Your Checklist for Disaster Recovery Planning in the Finance Industry

Equip your IT department with a disaster recovery plan checklist. Navigate unexpected technological upheavals with UDT.

Experiencing a security breach?

Get immediate assistance from our security operations center! Take the following recommended actions NOW while we get on the case:

RECOMMENDED IMMEDIATE NEXT ACTIONS

  1. Determine which systems were impacted and immediately isolate them. Take the network offline at the switch level or physically unplug the systems from the wired or wireless network.
  2. Immediately take backups offline to preserve them. Scan backups with anti-virus and malware tools to ensure they’re not infected
  3. Initiate an immediate password reset on affected user accounts with new passwords that are no less than 14 characters in length. Do this for Senior Management accounts as well.

Just one more step

Please fill out the following form,