Man in the Middle-Shadow IT Header Image.jpg

Man in the Middle - Shadow IT

Local Security Case Study

Who

A local manufacturing business exporting to overseas clients. The business had up-to date firewalls, anti-virus software and back-end infrastructure. All computers were running the latest versions of Microsoft Windows and Office.

Contributing Factors

Several members of the sales team needed a solution to manage their customer relationships. They agreed to and signed up to a Cloud based Customer Relationship Management “CRM” tool. The sales team did not obtain the sign-off of the management team or IT support provider. All customer interactions and e-mails by the sales team were being stored in the CRM tool.

How

The sales team configured the Cloud solution with minimal security in place. No vetting of the system was undertaken, and user passwords were set to “username123”. This allowed the attackers to easily access the CRM system and review previous communications with their customers.
With access to their clients e-mails the hackers were able to insert themselves into the middle conversations. With this access, they were able to manipulate the conversations.

Case Study 3-Email

Impact

Multiple customers were contacted by the hackers masquerading as their supplier. With previous e-mail history, they were able to communicate with some credibility, and request changes to the bank account that future invoices were paid to.

Man in the middle-highlight.jpg

Analysis

Cloud-based systems allowed users within the business to quickly and easily sign-up for a solution to meet their needs. The solution itself was cost-effective and provided for sales teams requirements. Without the visibility of management or the IT team, the appropriate security controls and safeguards were not put into effect.