Case Specifics
A private company based in Pune recently suffered a server hack. The hackers, who remain unidentified, were able to get to sensitive financial credentials. Using these, they authorized the transfer of a jaw-dropping 1.5 crore rupees to their own bank accounts. The company officials didn’t notice any of this activity and only found out about the server hack when the loss of money became evident. By that time, it was already too late.
The hackers also wiped all their traces after the transaction was complete.
Vishwas Salunkhe from the company approached the police and lodged an FIR. The hackers have been booked under Indian Penal Code (IPC) section 420 and certain pertinent sections of the Information Technology (IT) Act.
Senior Police Inspector Devidas Ghevare, the investigating officer of the case, said, “Money has been transferred from the company’s bank account to five different bank accounts. As per the complaint, the fraudster also managed to delete the details of these money transactions from the company’s server. Further investigation is on.”
How to prevent server hack attempts in your organization
There’s not much to go on about the case. From a security standpoint, one cannot say whether the point of entry was email or credential theft. But there are some safety precautions you should be aware of (and implement in your organization) nonetheless.
Don’t store financial data without some level of encryption
We’ll get to ways you can keep anyone from reaching your server soon enough. But in the event that they do, do not store sensitive data without an additional level of security. Even setting a simple password on the files in which you store authentication details might make a world of difference. Also, don’t store such files with obvious filenames like “Login details” etc. Title these files with obscure names that don’t indicate what they contain.
If you want to email credentials to someone in the team internally (and do this only if you absolutely have to), break them down into two emails and send them independently. Logistically speaking, it takes more effort to snoop into two emails without your email security service picking up on the attempt.
Plan for redundancy
In this particular case, the hackers stole the money and then vanished. But sometimes, a server hack can leave behind other complications. For example, the hackers can corrupt the files, delete them altogether, or worse, leave behind ransomware which can lock you out of your own system. If that happens, you are looking at some serious business interruptions if you don’t have a fallback mechanism. Talk to your server hosting provider about redundant copies of your data.
Implement a Web Application Firewall (WAF)
Recovering from a server hack is possible but it is costly, in terms of both money and effort. It is better to invest in a security service or tool which will keep such attacks at bay. A Web Application Firewall is one such tool. It sets up rigid filtering rules and blocks malicious server and data requests to your web-based applications. Modern Web Application Firewalls work on machine learning and Artificial Intelligence, and can bring a level of sophistication to your security arsenal.
Reading Resources: Why A Web Application Firewall Is A Must
Logix can serve your firewall needs. We assign dedicated, certified personnel with strong analytical skills to you, who also carry out the implementation, monitoring and risk assessment. Our dedicated Support resources are available 24x7 on all days, hand-holding all customers during implementation, migration & post-sales support. For more details, visit our WAF Services Page.