The True Cost of a Security Breach

Arrow pointing right
ExtraHop Logo
  • Productschevron right
  • Solutionschevron right
  • Why ExtraHopchevron right
  • Blogchevron right
  • Resourceschevron right

Arrow pointing leftBlog

Things That Go Bump in the Network: Part III

The Ghosts That Haunt You


October 28, 2021

Saving the day is all in a day's work for those working in cybersecurity, but the job also comes with a fair amount of fingernail biting. Because of that, throughout October, we've been sharing stories about the monsters that keep us up at night and asked you to do the same.

We love a good ghost story, but October is also cybersecurity awareness month. With that in mind, we're shining a light on everyday threats and the people who fight them by rounding up a few of your own cybersecurity tales and adventures.

Swarm of Attacks Ravaged an Entire Industry

Malware can feel a lot like the digital version of a zombie apocalypse: It can spread indiscriminately, infecting med, robust organizations and small ones alike, and once it starts, it can be hard to stop the attacks. One company found themselves a tad too close to an outbreak, but successfully kept the organization from being infected.

"At one point last year quite a few companies in an industry we serve were hit with malware and/or ransomware attacks. Some of the biggest companies in the industry were effectively shut down for a few days. Most of the companies compromised were not our customers but some were. Our customers that were hit were only using our SaaS products and our services were not impacted. For a few weeks we were on high alert and things were tense."

Invite the Nice Man with the Pokey Teeth in. What Could Go Wrong?

Say you live in New Orleans, Sunnydale, or—stay with us here—Forks, WA, and mysterious bite marks started showing up as a leading cause of death. You would tend to be a little suspicious of any stranger with dated fashion choices, pale skin, and pointy teeth. In fact, you'd probably do anything you could to prevent anyone with that description from entering your house.

When one security professional tried to close the door and uninvite attackers, the people in charge of the bottom line thought it wasn't worth the hassle.

"At my last job, we had recently acquired a small company who we discovered was running their accounting software on a server with RDP open to the internet after installing our SIEM. I alerted our director of infrastructure, and after discussing it with our CIO, they decided it would be too disruptive to mitigate this until they were migrated to the corporate domain. So they signed off on the risk, and things were quiet."

True to form, vampires only strike after dark.

"On a Saturday night at 11pm, the SIEM alerted on some strange activity on that server. A user in marketing had remoted in, someone who should never need access to that system, and run a script."

And security professionals are the ones who save the day.

"Since it was an acquisition, I had no admin access, so I called one of my overseas coworkers and he was able to remote in and shut the server down. It was later determined the ingress was from a data center in Germany with a set of phished credentials. Thankfully, because I caught it quickly, the first actions were only automated and the malicious actor was unable to do any damage or exfiltrate any data."

RDP Security Best Practices

Battle Worn? We Hear You.

In the cyberdefense industry, we know all too well that the threats lurking in the night (and day) are very real and very persistent. Our job is to try to make it easier, but for many people in the IT field, fighting them off is still downright exhausting. What keeps one security professional up at night?

"Ransomware and all the havoc they have caused."

Let's face it, cyberdefense can be a high-stakes, high-stress line of work.

"Always patching and checking, and rechecking. Do I have enough in place? What else can I do?" From anti-phishing education to security hygiene for third party vendors, the work is never over, and it's infuriating. Every time I see or hear a big company getting hit, it makes me so mad. We have been able to keep them at bay, but it's exhausting."

Ransomware is a real-life monster, and keeping them out of your network is a never ending battle that every cybersecurity and IT professional faces. The good news is, a lot of you are winning your battles, even if the war against these threats is far from over.

Thanks for sharing your stories, and have a happy Halloween!

Explore related articles

Experience RevealX NDR for Yourself

Schedule a demo