When “Let’s Connect” Becomes “Pay the Ransom”
LinkedIn offers professional connections, not protection. Your only real defense is suspicion and practice.
Story is how we explain the world to each other. Always has been. I write Stan’s Corner to help turn complex cybersecurity into something people can understand—and then do something about.
The story.
Sally ran business development for Abel, Lindsey & Howe, a 60-person consulting firm, and like most of us she treated LinkedIn as home base for her workday.
It was on LinkedIn that she met “Bill,” VP of Operations at Esposito & Orr Enterprises, a mid-size manufacturer. Bill had invited her to connect, citing their several mutual connections and his search for a consulting company that could help Esposito & Orr grow. Sally described how Abel, Lindsey & Howe’s strategy consulting might help Bill achieve his company’s ambitious growth strategy. Things looked good as Sally began to nurture the relationship.
A few days later, Bill sent what she’d been waiting for: “Here’s a quick overview of what we’re seeking to do. Looking forward to your thoughts.” The message contained an attachment, which Sally downloaded and opened: a one-page overview of Esposito & Orr’s growth plans. Unbeknownst to Sally, the attachment also carried malicious software (malware) that went through the firm’s defenses like a knife through soft butter.
Two weeks later, files on the company server wouldn’t open. Within hours, everyone’s screens displayed the same blunt message: their data had been encrypted and the company would need to pay $250,000 in cryptocurrency to get it back. Projects stalled, customers were put off, and the firm’s leaders spent days with incident responders and lawyers trying to dig out.
Even with good backups and excellent cybersecurity management, it still took them five days to fully recover. The cost to the firm was more than $500,000. And this doesn’t count the damage to the firm’s brand.
The lesson.
LinkedIn is fast becoming a cybercriminal’s favorite friend. It’s easy to create fake profiles and build trust. But LinkedIn provides little security. Its messaging is less protected than your email: a LinkedIn message never passes through the email security gateway that scans your corporate mail, so its links and attachments arrive without the filtering, link rewriting and attachment sandboxing that email gets. A download that starts in the browser can sneak right past a company’s security controls.
After the incident, the firm updated its training. Users were trained to treat LinkedIn messages like they’re coming from a public street, not a trusted office. They were taught to be very cautious in clicking links or downloading files directly from LinkedIn. “Always be suspicious” became their mantra.
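“Always be suspicious” is easier to practice with a concrete check. The script below is an added example, not part of the original post or anything the firm used: it performs the kind of pre-open triage a cautious user or helpdesk could run on a file downloaded from LinkedIn. It compares the file’s real type (its leading “magic bytes”) against its extension, flags extensions that execute code when opened, catches double extensions such as overview.pdf.exe, and looks inside Office documents for a VBA macro project. The three sample files it builds (a clean PDF, a disguised executable and a macro-enabled document) are constructed for the demo; the file names and contents are assumptions, not real attachments. An empty result means nothing obvious was found, which is not the same as safe; the real control remains never opening an unexpected attachment from a social-media contact outside a sandbox.

```python
"""Pre-open triage for files received over LinkedIn or other social channels.

Added example, not part of the original post. Checks a downloaded file the
way a cautious user (or a helpdesk script) would before double-clicking it.
Returns a list of human-readable findings; an empty list means "nothing
obvious", which is NOT the same as safe.
"""
import os
import tempfile
import zipfile
from typing import Optional

# Magic-byte signatures -> the file type they indicate
SIGNATURES = {
    b"%PDF-": "pdf",
    b"MZ": "pe",                                  # Windows exe / dll / scr
    b"\x7fELF": "elf",
    b"PK\x03\x04": "zip",                         # also docx/xlsx/pptx
    b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1": "ole",   # legacy .doc/.xls
}

# Extensions that run code or mount content when opened
EXECUTABLE_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "ps1",
                   "js", "jse", "vbs", "vbe", "wsf", "hta", "lnk",
                   "iso", "img", "vhd", "msi", "docm", "xlsm", "pptm"}

# Extensions that legitimately carry each detected type
EXPECTED_EXTS = {
    "pdf": {"pdf"},
    "pe": {"exe", "dll", "scr"},
    "zip": {"zip", "docx", "xlsx", "pptx", "docm", "xlsm", "pptm"},
    "ole": {"doc", "xls", "ppt", "msg"},
    "elf": set(),
}

# Extensions an attacker hides behind in a double extension
DECOY_EXTS = {"pdf", "doc", "docx", "xls", "txt", "jpg", "png"}


def detect_type(head: bytes) -> Optional[str]:
    """Return the type indicated by the leading bytes, or None if unknown."""
    for sig, kind in SIGNATURES.items():
        if head.startswith(sig):
            return kind
    return None


def triage_download(path: str) -> list:
    """Return a list of red flags for the file at `path`."""
    findings = []
    parts = os.path.basename(path).lower().split(".")
    ext = parts[-1] if len(parts) > 1 else ""

    if len(parts) > 2 and parts[-2] in DECOY_EXTS:
        findings.append(f"double extension: looks like .{parts[-2]} but is .{ext}")
    if ext in EXECUTABLE_EXTS:
        findings.append(f"extension .{ext} executes or mounts content when opened")

    with open(path, "rb") as f:
        head = f.read(16)
    kind = detect_type(head)
    if kind is None:
        findings.append("unrecognised file type; inspect before opening")
    elif ext not in EXPECTED_EXTS[kind]:
        findings.append(f"content is {kind} but extension is .{ext or '(none)'}")

    # Office Open XML files are zip containers; a vbaProject.bin means macros
    if kind == "zip" and zipfile.is_zipfile(path):
        with zipfile.ZipFile(path) as z:
            if any(n.lower().endswith("vbaproject.bin") for n in z.namelist()):
                findings.append("Office document contains a VBA macro project")
    return findings


def build_samples(workdir: str) -> dict:
    """Constructed sample files for the demo (assumed names, not real attachments)."""
    samples = {}
    p = os.path.join(workdir, "overview.pdf")
    with open(p, "wb") as f:
        f.write(b"%PDF-1.4\n% minimal constructed pdf\n")
    samples["clean_pdf"] = p

    p = os.path.join(workdir, "overview.pdf.exe")          # disguised executable
    with open(p, "wb") as f:
        f.write(b"MZ" + b"\x00" * 62)                       # PE header stub
    samples["disguised_exe"] = p

    p = os.path.join(workdir, "growth_plan.docm")           # macro-enabled Word file
    with zipfile.ZipFile(p, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/vbaProject.bin", b"\x00" * 16)
    samples["macro_doc"] = p
    return samples


def demo() -> dict:
    """Triage every constructed sample; returns {label: findings}."""
    with tempfile.TemporaryDirectory() as d:
        return {label: triage_download(p) for label, p in build_samples(d).items()}


if __name__ == "__main__":
    for label, findings in demo().items():
        print(label, "->", findings or ["no obvious red flags"])
```

Run it as-is to see the three verdicts, or call triage_download on a real download path. Magic-byte checks are deliberately simple here; a production pipeline would hand the file to a detonation sandbox or EDR rather than rely on extension and header matching alone.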
The company paid a steep price to learn this.
Everyone on social media (LinkedIn, Facebook and others) needs to become what Sally has become: always suspicious.
If this story motivates you to want to do better, please reach out. I’m the founder / president of SecureTheVillage, a nonprofit making a difference. We work with smaller businesses, nonprofits, and the MSPs who serve them. Email me now to protect your assets and minimize the impact of inevitable disruption. StanStahl@Substack.com.