Cyber Security Story Time - Don’t Be Don

By Unlimited Technology | Sep 06, 2019

Don’t Be Don

 

Ground Hog Day, 2020: Don’s boatbuilding company, Come Sail Away, has been his life’s focus for 23 years. Since 1997, Don has poured all of his money and energy into the business. Through excellence in design and superior customer care, Don developed a stellar reputation locally and has even established a roster of high-profile international clientele. Don has always believed that much of his success has been due to his “can do” attitude. In addition to being a self-taught boatbuilder, Don also learned how to do all of his own accounting, customer management and computer maintenance so that he could take care of the business side of his company. As a result of his tenacity, Come Sail Away was a success by every measure from 2000 to early 2008. The recession in 2008, however, hit his business pretty hard. As a second consequence to the recession, more boutique boatbuilding companies popped up due to more people out of work turning their hobbies into professions. Don fearlessly responded to both challenges the way he always has. He tightened his belt. If it wasn’t essential, he didn’t spend money on it.

Fast forward to today: February 2, 2020. He came down to the workshop on a Sunday morning to pick up some documents and noticed one of the computers was on and flashing. He walked over to the computer and to his horror read the following message:

“I have infiltrated your computers through a Windows 7 security flaw I discovered a year ago and did not report. Now your data is mine. Every file on every device is encrypted. If you want your data back, you must send $750,000 in bitcoin to the following address…”

Don frantically ran from computer to computer. Indeed, every device was locked. Through the haze of his intensely stressed mind, he vaguely recalled receiving an email message last summer regarding Windows 7. Support would be ending in early 2020, but he just thought he’d figure out what it all meant in January. This is the first obstacle that Don has ever faced that he doesn’t think he can overcome with determination.

Explanation: Software companies continuously improve software until they must replace old products, and thus phase out support for them. It’s incredibly important to apply patches when possible and upgrade when old software is no longer supported. If a hacker identifies a vulnerability in software at end of life, they may sit on it and then attack businesses like Come Sail Away right after the last day of support.

Don’s computers were hit with ransomware, a type of malicious software that, once it hits one device, can propagate across other vulnerable devices on the network without user interaction. Microsoft announced earlier in 2019 that they are ending support for Windows 7 machines on January 14, 2020. Based on the number of attacks that occurred after end of life on Windows XP, we expect similar attacks will occur when Windows 7 expires. Don’t be Don. Don’t be caught with unprotected devices. Upgrade end-of-life machines and disable unnecessary services.

Unlimited Technology cares about everyone’s cyber safety and is helping many businesses prepare for Windows 7 end of life. Let us know how we can help your business be more secure and better prepared.

 

 

Amy Williams, PhD, CISSP is VP of Cyber for PSB and Exec. Mgr. of Unlimited Technology Associates in Rockland and Augusta. She served as the Dir. of Cyber for the NYC Crime Commission.

Comments (0)
If you wish to comment, please login.