Very few people, including those in the cyber security industry, have heard of the President and Owner of Fazio Mechanical Services. The company offers services around HVAC, which is an American acronym for "heating, ventilation and air conditioning". Fazio is a small company and only operates in 5/50 states...
Very few people, including those in the cyber security industry, have heard of the President and Owner of Fazio Mechanical Services. The company offers services around HVAC, which is an American acronym for "heating, ventilation and air conditioning". Fazio is a small company and only operates in 5/50 states, let alone internationally, so you are probably wondering why this matters and how a breach of this company would make headlines.
Target Corporation was who the bad guys were after, and it just happened that Fazio was part of the supply chain. The company is number two retailer in the country, with number one being Walmart. In December 2013, their systems were breached and tens of millions of credit/debit card numbers were stolen. It cost them tens of millions of dollars in damages and some senior staff resigned. How did it start? Fazio received a malicious email, which infected their computers and let the bad guys piggy-back into Target's core infrastructure.
So what are the lessons to be learnt? Do not rely on basic and free antivirus software for your computers. At the very least, have proper email security in place, including multiple antivirus engines and file filtering to block obvious malicious (executable) attachments, which could infect.