When hackers have zero cool…
The moment someone mentions the word “hackers” or “hacking” a lot of us begin to feel an array of emotions and memories. Whether it is images of the Anonymous group trying to elevate the reputation of benevolent hacking behind Guy Fawkes masks, scenes from movies like the Matrix or 1995’s Hackers, or some mix of fear and intrigue, the unfortunately mysterious realm of hacking can become very real and significantly less glamorous when it impacts you or your business directly.
Today though… I have a feel-good tale of some in-house heroes and the hacker who now wishes he’d picked a different server to mess with!
It was a quiet Thursday morning here at CisCom Solutions’ Louisville, KY office. The soft rhythm of typing and mouse-clicks and the aroma of coffee carried throughout the hallways while everyone worked their typical patterns of business-as-usual. Then the call came in. A client was having some server disconnect issues, and they needed our team to discover the reason why. At this point, while an inconvenience to the client, it didn’t necessarily raise any hacker-flags… yet.
While the name of the client will remain hidden for obvious reasons, there is one critical fact I will state. This was an un-managed client… meaning CisCom was not actively monitoring this server, so several issues could have been causing a server disconnect. However, when Level 2 Support Manager, Dustin Riley, started considering the issue, it didn’t take him long to discover that this was no “random” disconnect issue. The revelation of malicious activity and the fact that tools not installed by CisCom or the client (tools also to remain undisclosed) were on the server was an immediate alarm. It sent the rest of the support in the office into a flurry of action.
Within moments, Jonathan Broyles, our Senior Systems Engineer, was joined in with Dustin’s session, and he began recording the hacker’s activity live. While monitoring the activity, it was discovered that this hacker was using the server to hide his activity while he used a series of (we assume) stolen credit cards to order computer and cellular equipment. He then would have them shipped to or picked up at various places around the US. As soon as this was witnessed, our Level 1 Support Manager, Scott Brawner, got on the phone with the local authorities in those areas. The goal was to ensure someone other than a friendly store associate or a delivery person was there to greet them.
“Hi! Yes, I’d like to pick up my computer I just ordered with a stolen credit card.”
“Excellent, sir… we’ve already taken the liberty of loading it into that police officer’s squad car. You can follow him now.”
Once Scott finished that round of phone calls, it only took a couple more calls to the FBI and US Secret Service to seal the deal for this digital thief. The following day, a special agent from the Kentucky branch of the US Secret Service and Department of Homeland Security met with Scott, Dustin, and Jonathan to collect all the information. It was that quick thinking and quick action on the part of all three Cyber-Heroes that made such quality evidence available. What they do with him now is, quite frankly, above our security clearance, but one thing is certain, in less than 24 hours, a hacker’s joy ride was turned into possibly the worst day of his life.
There is plenty to be gleaned from this real-life story. Lessons on the value of the right cyber security, knowing who to contact when your IT acts strangely, having a monitored system vs. a set-it-and-forget-it system, the fact that living in any part of the country does not protect you on the internet, and perhaps most of all… when things go wrong (because they do), are the people you count on skilled enough to handle the issue with speed and efficiency.
I know of 3 experts in this industry who are skilled without question. Special thanks again to Dustin, Jonathan, and Scott for their quick decisions. One more criminal is headed where he belongs. As a side note, the special agent sent to collect the information wanted to remind everyone who reads this where you can get more information on how to contact them in situations like this and others. Grateful for his partnership and the reminders. You can find out more at the links below.
If you would like to have the Digital Super Heroes at CisCom Solutions working for your company, be sure to head over to our website and check out all the ways we would love to support you and your business!
As always, if you want to be kept aware of stories like this or just information beneficial to your business, be sure to stick close to this blog, and you can keep from being a stranger by following, liking, and sharing us. Our social media links are at the top of the page!