8: The Dangers of Cyber Negligence: A Ransomware Attack Story

By /

Story 8: The Dangers of Cyber Negligence:

A Ransomware Attack Story

 

Disclaimer

 This story is entirely fictitious, and all characters and incidents are products of the author’s imagination. It does not relate to any person, living or deceased. The sole purpose of this story is to spread awareness among readers.

 

Recently, these U.S. agencies have been actively working to raise public awareness about cyberattacks and cybersecurity threats, cyber negligence, and educating individuals, businesses, and critical sectors, including banks, colleges, and government institutions. The Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) and the Cybersecurity and Infrastructure Security Agency (CISA) have been informing all departments, offices, and the public about these threats. They use a range of methods, like public alerts and bulletins, cybersecurity awareness campaigns, social media, and websites to spread information. Everyone is advised on how to avoid cyberattacks and protect their data. Special emphasis is placed on using genuine websites and identifying cyberattacks, as well as protecting data by installing trusted tools and apps from officially authorized platforms such as the Apple App Store, Google Play Store, Amazon Appstore, Samsung Galaxy Store, and Microsoft Store for Windows. Other precautions are also provided for employees of organizations using computers.

Jordan, who is the manager of the bank, carefully follows all this information. He is intelligent and wise, and understands the importance of cybersecurity, especially since he works in the Information Technology (IT) Department. As a result, he keeps himself informed and encourages his colleagues to follow agency notifications to stay updated. He regularly explains to his friends and colleagues the importance of cybersecurity.

But his friend Debil, who also works in the IT department, ignores all his advice due to his carelessness. He always says, “Hey friend! It doesn’t matter; our systems are secure, and we shouldn’t worry so much about security. Our bank is very strong, and even if something happens, those above us will handle it.”

Debil downloads files indiscriminately on his personal computer with internet access and uses his USB drive freely. He opens any email without checking the sender’s authenticity and keeps the USB port of the bank’s computer enabled. Due to this careless habit, he ignores notifications on the bank’s computer advising him to update the firewall and antivirus, often dismissing them.

One day, he neglected to update his antivirus and firewall when a file needed to be transferred from one computer to another. Due to maintenance work on the email server, the bank’s email was not functioning. If the e-mail server was working smoothly, he might have sent the file to himself from one PC and opened the email on another computer, then copied the same file from there. But In a rush, he didn’t think so much and plugged his USB pendrive, which he uses frequently on the open internet PC, and inserted that same pendrive into the bank’s computer, ignoring that it should not be used in the Bank’s system. Also, he must have disabled the USB driver of Bank’s PC. After transferring the file, Debil felt relieved, not knowing that the USB drive contained hidden Ransomware from an email he had carelessly opened. This Ransomware began infecting the bank’s system and quickly started encrypting files. Before Debil realized it, his entire system became encrypted, and the Ransomware spread to other systems. Within minutes, a notification appeared on the screen, stating that the system had been hacked.

The Dangers of Cyber Negligence A Ransomware Attack Story

Sweating, Debil panicked and immediately called Jordan, saying, “Sir, I don’t know what happened; it says the system is hacked.” Jordan suspected Debil’s negligence. He ran to the office, examined the screen, and shouted, “Disconnect all LAN cables or power cords immediately!” Jordan rushed to the LAN junction box, calling the head office. Chief Manager Anderson from the IT team picked up the call. Jordan said, “Sir, I believe we’ve been attacked by Ransomware. One of our systems has been encrypted, and another is also affected. I fear it could spread to the network.”

Here,  it’s important to note that Ransomware is a type of malware that encrypts files through phishing emails. Encrypted files become unusable without a key, and the Ransomware alerts the attacker, who demands a ransom for the decryption key.

At the Head Office, Chief Manager Anderson asked, “Are you certain it’s a Ransomware attack? What makes you think so?” Jordan replied, “Sir, as Debil mentioned, the system where he inserted the USB drive was first encrypted, and a ‘system hacked’ message appeared. Now, the other system is also affected, but the hacked message hasn’t appeared. So, I am confident it’s Ransomware. I have disconnected the other computers. Please ensure it doesn’t reach the network.”

Hearing this, the IT team quickly disconnected all systems linked to Jordan’s department. Chief Manager Anderson then called Jordan, instructing, “Do not make any payments or answer unknown calls.” Jordan replied, “Yes, Sir, I’ve disconnected everything and informed everyone not to tamper with the systems. The other systems are shut down to prevent further infection.” Chief Manager Anderson praised Jordan for his quick thinking.

Debil was stunned and sat down, overwhelmed. He murmured, “What will happen now? My job, my family, everything is at risk.” Jordan approached him calmly, saying, “It’s alright. I’ve already backed up the data. Don’t worry.”

The IT team at the head office disconnected all connections to Jordan’s department, installed anti-Ransomware software, and removed the Ransomware. Jordan had anticipated such risks and had backed up all critical data. The next day, he and the head office team restored the computers using the backups, saving the bank’s network.

Due to Jordan’s prompt action, the bank recognized him with respect and warned Debil that future negligence would lead to suspension and a two-year salary freeze. Thanks to Jordan’s diligence and swift response, the bank avoided a major loss.

 

Moral of the story

This story highlights the importance of taking cybersecurity seriously, following best practices, and regularly updating protective measures. Jordan’s awareness and responsible actions, like following guidelines and maintaining data backups, demonstrate how preparedness can prevent disasters. In contrast, Debil’s negligence and overconfidence reveal the risks of ignoring cybersecurity protocols, especially in sensitive environments like banking. Similarly, there are many moments in our lives when we ignore caution and safety, continue doing some tasks, and think, “This is just a small task, why should I think so much about it?” Gradually, it becomes our habit. Remember that carelessness always invites a big crisis. We should develop a habit in our lives that, no matter how small or big the task is, if we do it with caution and safety, then it will yield better results. Any task that is done carelessly leads to bad results, and this applies everywhere, whether it is your career, studies, or anything else.

AuthorTirthan Ryder

 

© 2016-2017 storiesfounder.com/ All rights reserved

 

 

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top