Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Small business - All computers were jacked after hours


  • Please log in to reply
5 replies to this topic

#1 kurtybird671

kurtybird671

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:26 AM

Posted 12 February 2017 - 05:34 PM

Good day everyone,

 

I come to you for some guidance on a horrible dilemma my company has faced last week.

it seemed over the weekend, a bunch of hooligans broke into our company and ONLY took our computers and hard drives. This scares me a lot because its as if these people were more into getting information than anything else our company offered. (we're a small aviation company, so there is a abundancy of parts laying around well worth some good change.)

 

computers containing accounting info, routing #'s, credit card info, personal employee info, and company mail were all taken. Of course I logged onto the server as quickly as I could and changed passwords on everything, but I fear I may of been too late.

 

My question to you: is there anything I could do to prevent this from happening next time? a better server module? I was reading up on the hybrid module as where sensitive info would be stored in the "cloud" while others remain hard lined. I wanna prepare myself to where if these people do succeed in taking my computers again, all they WOULD be getting are these computers and not our companies data.

 

 

I apologize if this is way too broad of a question.

Before anyone bashes me on security cameras, sensors, etc.. I'm only the sysadmin here. I will leave all that other stuff to management & property security.

 

 



BC AdBot (Login to Remove)

 


#2 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:26 PM

Posted 12 February 2017 - 05:55 PM

Your server was not stolen. Because it's not in the office?

 

For the workstations and harddisks: you could implement full disk encryption (or at least encryption of the disk/partition with data).

But then you have to make sure that the computers are not left unlocked out of office hours (e.g. when the theft happened).

Are there laptops too?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#3 kurtybird671

kurtybird671
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:26 AM

Posted 12 February 2017 - 06:06 PM

sorry, I meant passwords to everything as I do run hostmonster for all our emails and websites..

and to your question, yes, just about all of operations run on laptops. I take it thats a No bueno and i should implement an upgrade to desktop?



#4 musicbits

musicbits

  • Members
  • 63 posts
  • OFFLINE
  •  
  • Local time:03:26 PM

Posted 12 February 2017 - 09:01 PM

Google "full disk encryption".

 

An option for protecting laptops is https://lojack.absolute.com/en/products/laptops



#5 kurtybird671

kurtybird671
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:26 AM

Posted 12 February 2017 - 11:22 PM

you guys are thee best. Any recommendations on which particular one is like apples fbi proof?


Edited by kurtybird671, 12 February 2017 - 11:23 PM.


#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,734 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:26 PM

Posted 14 February 2017 - 03:36 AM

No, you don't have to replace your laptops with desktops.

 

I was asking because laptops have batteries, and thus if the employees leave them powered on, the thieves can walk away with them powered on.

So if you implement full disk encryption, instruct laptop users to shutdown or hibernate their laptop when they leave.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users