Disaster Recovery Worshop (Breakfast)
Before I get started on the tale of Leroy Kharma and the Russians, let recommend a workshop on Disaster Recovery that is being offered by Dan Frederick and Datto on Sept 20, 2019.
To Register: https://claritech.ca/disaster-recovery-workshop or click on this button.
For years I’ve been reading articles and listening to the news about companies getting hacked. The list of companies that have experienced cybercrime is very long and the volume of data compromised is huge: Top 10 of the World's Largest Cyberattacks.
If you use email there is a good chance that someone somewhere can find a password that you are using - right now - or a password you have used in the past. Guaranteed.
The consequence of cybercrime (hacking) is either a public relations disaster or the company ends up paying thousands of dollars in ransom to restore access and data. Either way, companies lose money. In 2016, the University of Calgary paid $20,000 to 2 men in Iran who were later charged but not arrested by the FBI.
Oh No, Not Us
But nothing like this has ever happened with our company or with me personally until a week ago when I got a call from someone who had a strong European accent that sounded Russian.
I could hardly understand what he was asking me: “Are you Mr. Nelson?” (“mister” was my first clue - no one calls me mister). I asked him who was calling and he didn’t give me an answer. At this point, I know someone with a Russian accent was asking who I am and not giving me a straight answer - Hmm, something was not right.
I hung up but he kept calling me on my cell. I mentioned that Jeff Nelson was a good friend of Vladimir Putin’s (the only Russian I could think of, off the top of my head). He laughed. I hung up again. He kept calling but I didn’t bother answering. Then he stopped. A felt a bit of relief until my phone beeped with a note from Messenger. This was not a pretty sight.
The Russians Are coming
This guy, who’s name I never did get, was sending me a message from an account that I was familiar with:
Leroy Kharma, are the names of 2 dogs. One is mine (Kharma) and the other is the name of a dog owned by a friend of mine who used to work with us. We set-up this account on Facebook a few years ago as a way to look at other pages without logging in as ourselves. We haven’t used the account in recent years. I checked and Leroy Kharma had about 9 friends - not very many.
But getting a message from this account and having an old password listed was disturbing. That got my attention.
So far what I knew was:
Someone had my cell number - but that’s no big deal because it’s all over the Internet
This person had a strong European accent - probably Russian
This person had access to an old password - that’s strange but not unrealistic
This person (I’ll call Rushacker) had hacked into a profile on Facebook - alarming!
He had an email and a password - alarming X 100!
He was sending me messages from that account - frightening!
He was offering to “help” - that sounds expensive!
Not Looking Good
Wait for it... Here it comes - another message asking for $10,000. Let’s assume this is USD (a well-known currency in Russia). In CAD that would be just over $13,000. Not a fee I would like to pay.
It is hard to see in the screenshot and I have cut out confidential information but at the top of the image, you can see that Rushacker had logged into a Google My Business account for one of our past clients. This was getting very serious.
I quickly made some calls but it was Friday before a long weekend. All I was able to do was leave a message. I backed that up with text messages and emails.
Luckily, I got a call back in about 5 minutes. I explained the issue and my contact escalated the problem to their IT department. Within 10 minutes they called back on a conference call with everyone important in that company. I was impressed. I explained the details and they said they would take care of it.
I then called my business partner and he checked his email and our bank accounts. Nothing had been compromised but we changed a bunch of passwords anyway. The summary is that no harm was done. But the reality is that we were attacked and our barriers were breached. We had one small hole in the dike and - I’m not going to lie - it was scary! I had visions of no access to our email and our bank accounts drained.
IT security is not my forte. I know a little but probably just enough to get me in trouble. We rely on Dan Frederick and his team at Claritech.ca to backup our data file and for advice.
Prevention is the Key
The current infrastructure and protection against cybercrime in our company are as follows. We use:
Gmail: Secure Email for Business which includes the entire G Suite of products
Complicated passwords https://passwordsgenerator.net/
We are learning to use LastPass with vault protection for passwords.
2-factor authentication with our cell phone (this is what I think really saved us)
Bitdefender on our workstations to protect against threats from viruses, trojans, etc.
Passwords on our cell phone and computers
Dan and Datto are hosting the workshop at our facility. You are welcome to join us.
If you are tight on time you can have a look at these articles by a good friend of mine, Yogi Schultz:
Let me know what you are doing to safeguard your IT infrastructure, systems and data. I’d love to learn more.