Case Study #3: Computer Security Breach

Our team was retained to create a Cyber Security Awareness training program for all employees after a local law firm had a computer system compromised. When an employee clicked on a link in an email message, they inadvertently executed software that allowed the hacker to clandestinely take control of the computer. This gave the hacker access to all locally stored data: Software; Documents; Spreadsheets; Photos and Videos; and E-mails. The hacker could even view the webcam and listen to the microphone, essentially “bugging” the office. Fortunately, the IT team was able to isolate the computer and minimize the damage. However, to try to prevent this type of attack from succeeding in the future, our training program was required for all employees to cover the most common computer security end user risks including phishing, poor password security, mobile devices, social media, etc.