By: Jessa Mikka Convocar on May 6th, 2022
What All Businesses Can Learn from the Gazelles Cyber Theft
Cybersecurity isn't an issue to be casual about.
With all the recent hacking and defrauding across all business industries, you should know by now how a compromised network can affect your entire organization. One slip-up can cost you financial, legal, and reputational damages that you may or may not recover from.
However, robust cybersecurity cannot function alone. It comes with proper employee training to ensure that your business runs smoothly and safely.
And this is demonstrated clearly in the true story of Verne Harnish, CEO of Gazelles, Inc., a very successful and well-known consulting firm, way back in 2016. This is yet another case that points to the need to have the maximum amount of cybersecurity and cyber safety awareness of everyone in the organization concerning your computer networking vectors.
It all began on the morning of October 11 when Harnish was on an unsecured public network prior to giving the day's closing keynote speech at the Atlas business Forum in Moscow.
Harnish believes that's when his account was hacked. He had just given instructions to his assistant to wire a substantial amount of funds to an account in Spain, prompting the hackers' algorithm to scan for vulnerabilities and opportunities to steal the funds. It wasn't until two days later, though, that the actual theft of almost half a million dollars was detected.
Unfortunately for Harnish, it was too late to salvage the stolen fund, and his bank was proven not responsible for replacing the money. Fast forward to the present time, Gazelles were able to get back on their feet and continue the business. But that's not always the case.
For some businesses, it would be hard to recover, if they can recover at all. Recent statistics have shown that 60% of small businesses that are victims of a cyber attack file for bankruptcy within six months. That's a risk no business owner would be willing to take. So if you're not prioritizing your cybersecurity and awareness, you should start now.
Here at ITS, we help hundreds of clients bolster their network defenses to avoid business disasters like Gazelles' cyber theft. In order to do that, you must first understand how the attack happened.
The Gazelles Cyber Theft
As mentioned, the attackers went for the weakest link in the organization–humans.
Apparently, the hackers based in Hong Kong sent an email to Harnish's assistant, imitating his communicative style, subject line, and signature.
In the email, they asked her to wire funds to three different locations. It didn't seem strange to the assistant because Harnish was then involved with funding several real estate and investment ventures. The assistant responded in the affirmative, and the hackers posing as Harnish replied in kind, effectively defrauding him of $400,000.
In order to cover up the crime, the hackers deleted Harnish's daily bank alerts, which he didn't notice in the first few hours as he "was busy with meetings in Moscow and traveling." By the time he saw the abnormalities, the attack had already transpired.
According to Harnish, the crime was also possible through a call-in verification, which his bank suggested, to cut costs in exchange rates and fees when wiring internationally. With the call-in, the assistant's voice was verified, and then they called her back to confirm. Obviously, the attempt to cut down on finances failed, and they even lost more money due to the cybersecurity hole.
A pricey lesson learned
Harnish (and anyone familiar with his story) has gained extreme clarity on how and when to do big financial transactions. Certainly not while on unsecured Wi-Fi networks and not without in-person meetings and confirmations.
But aside from that, the incident shed light on the importance of cybersecurity, especially for businesses that handle sensitive data. Stories such as this one show people that cybercrimes are real and victims suffer actual losses. Take this story of Harnish and apply the lessons to your business.
Protect your business from cyber theft
Cyber theft and other cybercrimes are more rampant today, especially in a technology-dependent world. Everyone's a target, and if you don't start acting now, you might be the next casualty.
As a Managed IT Service Provider, ITS knows how important cybersecurity is. We implement protocols and systems that ensure our cybersecurity infrastructure can stand against any risk, the same we do for our hundreds of clients.
The way you handle your cybersecurity tells a lot about how you value the longevity of your business. If all these seem overwhelming, here are just a few of the ways you can do to start improving your cybersecurity:
- Implement a patch management policy
- Set up appropriate cybersecurity solutions such as:
- Conduct regular security awareness training for everyone in the company
For a more in-depth read, download this e-book on the 3 Types of Cyber Security Solutions Your Business Must Have.