Contact us today!

888-686-3025

K² Technologies Blog

K² Technologies has been serving the Gillette area since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

How a Single Hacker Stole $100 Million From Two Major Tech Companies

How a Single Hacker Stole $100 Million From Two Major Tech Companies

An unfortunate fact about the modern business world is that any organization that utilizes technology is playing with fire. Cyber attacks can circumvent even the most well-protected networks through the company’s users. This is, unfortunately, something that business owners often don’t learn until they’re on the receiving end of an attack; just like the two companies that fell victim to phishing attempts that were supposedly operated by Evaldas Rimasauskas, a Lithuanian hacker who has been accused of stealing $100 million from them.

According to acting United States Attorney Joon H. Kim, “This case should serve as a wake-up call to all companies--even the most sophisticated--that they too can be victims of phishing attacks by cyber criminals.” These words apply to the business world for one major reason: the public doesn’t know who, specifically, the two affected companies are. All that we know is that one of them is a “multinational online social media company” and the other a “multinational technology company.”

Rimasauskas is facing charges of orchestrating a phishing attack that was supposed to convince the victims to wire transfer funds into accounts in Latvia and Cyprus. The U.S. Department of Justice explains that this feat was accomplished by building a company in Latvia with the same name as a computer manufacturer in Asia. The fake company then used its new identity to reach out to companies that had a known relationship with the Asian manufacturer or its services, claiming that there were balances that had yet to be paid. Following the wire transfer, Rimasauskas would then divvy up the funds for transfer to various global bank accounts.

These allegations have brought wire fraud charges against Rimasauskas that could potentially land him in prison for up to 20 years, as well as three more counts of money laundering, each also worth a maximum of 20 years each. To top it all off, he has a single count of aggravated identity theft with a minimum of two years in prison.

So, what can your business learn from this incident? Well, the first is that these victims were described as “multinational,” meaning that they are large countries that are easily recognizable. Companies as large as these certainly have the means to protect themselves from the odd phishing scammer, but the perpetrator was able to bypass these security standards by targeting the users directly.

The old adage, a chain is only as strong as its weakest link, still holds strong; and, in situations like these, that link is painfully clear. For smaller organizations, the need is only more important, as it becomes more critical to shore up this particular weakness. Larger organizations have more difficulty ensuring these high standards for all employees. It’s important that each and every member of your staff understand company security policies.

The second lesson that you can learn from this event comes from the process used by hackers to defraud businesses. Considering that many hackers will only want to put in the minimum amount of effort to hit their targets, it’s logical to assume they would rather go after an easier target than invest more effort with no possibility for a return. It’s simply a matter of how much work it is to get around enterprise-level security.

What happens when all it takes to collect data is writing a couple of emails and setting up bank accounts? A hacker can then communicate with the target and take whatever they can get, and do the same thing to any other companies foolish enough to fall for the trick.

The biggest takeaway from this event is that you can’t ignore the basics. Training, in combination with powerful enterprise-level security, can be a great way to ward off potential attacks. In fact, companies are quite rarely breached due to advanced threats, and are often brought down due to something small that was overlooked, like a spam email or access log discrepancy.

You won’t catch K² Technologies ignoring important details that could threaten your business. For more information about what we can do for your network’s security, reach out to us at 307-686-3025.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, 28 May 2017
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code

Tag Cloud

Office Tips History Crowdsourcing Disaster Communication 3D Printing Office Virus Google Apple Telephony Government Recovery Update Android Security Legal Going Green IT Service Corporate Profile Email Word Paperless Office Vendor Management Mobile Device Google Docs Unified Threat Management Cybercrime Mobility SaaS Mobile Data Sports Tip of the Week Risk Management Robot Computer Malware Administration Webcam Tech Support Social Media IT Solutions Notifications Backup Cabling Maintenance Samsung Business Gadget Automation IT Services Help Desk Humor Alert Supercomputer Gmail Google Maps Collaboration Websites Virtual Reality Privacy Social Managed IT Services USB Compliance Sync Writing Training Business Growth BDR Politics Save Time Managed IT Services GPS Hackers Twitter Browser Google Drive Saving Money VoIP Black Market Disaster Recovery G Suite IT Support Save Money Flexibility Relocation Data Management Holiday Business Continuity Motion Sickness Business Management Small Business Microsoft Office Botnet Mobile Device Management Mobile Device Managment Computer Repair Law Enforcement Personal Information Managed IT Artificial Intelligence Technology Big Data User Tips Smartphones Windows Network Congestion Retail Network Security Printing Hosted Solutions IBM Content Filtering Internet Computing Tracking Mobile Devices Electronic Medical Records Remote Monitoring Administrator Operating System Hard Disk Drive Taxes Hardware Dark Data Work/Life Balance Hosted Solution BYOD Apps Upgrades Encryption Error Money Ransomware Web Server Settings Computers Solid State Drive Licensing CCTV Uninterrupted Power Supply WiFi Server Emoji Business Computing Efficiency Innovation Meetings Best Practices Physical Security Bring Your Own Device Miscellaneous Software Facebook Staffing Unsupported Software Windows 10 Software Tips LiFi Backups Smartphone Computer Care Machine Learning Customer Service Wi-Fi Monitors Telephone Systems Office 365 Document Management Identity Theft Cybersecurity Managed Service Provider Regulations Travel Processors Education Workplace Tips Hacker Chromebook Point of Sale Health Passwords Cloud Computing Cameras Outsourced IT How To Downtime Remote Computing Internet of Things Virtualization Productivity Digital Payment Cloud Cortana App Microsoft Productivity Safety Data Backup IT Budget Password Wireless Technology Upgrade Phishing Automobile Firewall Files Budget IT Consultant Mouse Data storage Social Engineering Infrastructure Network End of Support Tablet Outlook IT Support Display Storage Private Cloud Cleaning Wireless Information Technology Public Cloud File Sharing Data

Blog Archive

Sign Up for Our Newsletter