A Tale of Computer Sabotage Fixed in Just One Day
The Setup
Twin City Bearing had a huge problem that was costing them business. Company leaders had a falling-out with their former computer technician, and they suspected that the technician had sabotaged their computer systems.
Turns out, it was even worse than they’d imagined.
After the first computer service they’d called was unable to diagnose or fix the problem, they called somebody with forensic and security expertise. They called us.
We got the call one quiet day in September. The call was a unique one. Their business database had stopped working and they had reason to suspect foul-play. The details built up about various other things that had gone wrong, as well.
The short version is that their previous computer consultant was on bad terms with them and they believed he had sabotaged their computer systems.
On the Case
When we rushed to Twin City Bearing’s warehouse right after receiving the call, we immediately disabled any remote access features on all of the company’s computer systems. This would hopefully keep any further mischief from occurring.
While doing our scans and checks, we noticed that their line-of-business program, their database, had been removed on their server, thus seriously interfering with their ability to conduct business.
When we called the company’s web-host, we also uncovered the fact that the rogue technician had changed contact information on the account, as well as the password, thus locking company leaders out of their own website!
The Plot Thickens
The company’s router was also blocking certain websites, including sites important to doing business. There was risk that the attacker would change the password to their email addresses as well.
To top it off, someone had programmed the company’s fax machine to forward orders to a competitor! We’d never seen anything like this before.
Upon further inspection, we discovered that the technician had connected to the company’s database the night before all these troubles began, and so he was clearly implicated in the plot.
Case Closed
The problems were huge for the company — but in just one day, we were able to recover all the data and rebuild the database, thus allowing the company to once again receive orders and communicate with customers. We also installed a functional backup system and improved all manner of usability in their computer systems, as well as replacing the router to allow employees to use important websites.
To regain control of the website required legal action — and to assist Twin City Bearing in getting their site back, we testified as expert witnesses in court. After a legal battle, Twin City Bearing finally got back control of their domain. Case closed, and our companies have been working together even since.