Cyber Tales: Concrete Solutions for digital threat prevention

BOXX Client Profile: Phillip Nguyen
IT Manager at AggreGREAT Alberta

BOXX Hackbusters Save the Day & Pave the Way for an Alberta Aggregate Company’s IT Team

Places, industries, and names have been changed to preserve client privacy.

When Phillip Nguyen’s phone buzzed early Sunday morning, he knew his day off was about to become incredibly busy. As the IT manager of AggreGREAT Alberta, a bustling paving company, Phillip was accustomed to weekend work, but this was different. Moments after being bombarded with alerts about suspicious activity on the company servers, his phone rang.

It was AggreGREAT’s HR manager, sounding frantic. Phillip listened anxiously as she described her computer’s state: a locked screen with an error message, warning about encryption, a “begin the decryption process” button, and a countdown to a doubling price for decryption—clear signs of a hack.

The HR manager recounted her actions from the previous day. She’d gone into the office Saturday afternoon to sort through a batch of resumes in her inbox, downloading attachments without reading the emails. However, when she started reading the files, she found an unreadable Word document traced back to a poorly written email that seemed like spam. She admitted recognizing red flags but thought she’d dodged a bullet. It wasn’t until she returned this morning to print off shortlisted resumes that she realized she’d caught fire.

As she finished her story, Phillip logged in remotely to confirm what he already knew—it was ransomware, and it was everywhere. He had to get to the office.

Cyber insurance: the best business decision

After reassuring his co-worker that the company had cyber insurance, he asked her to leave her computer powered up and to head home for the day. He was beginning to panic.

“With 75 computer users and 200 employees all suddenly cut off from their digital lifelines, we were in trouble. We rely on digital weight scales for invoicing and truck management. If we can’t access our systems, we can’t operate. And Monday morning deliveries were looming.”

He texted AggreGREAT’s junior IT technician, Gaelle Benoit, and asked her to meet him at the office.

“I knew we had cyber insurance, so I wasn’t worried about paying ransom. My biggest concern was getting operational for tomorrow morning, and I knew I needed Gaelle’s help.”

And Gaelle did help, primarily by convincing Phillip they were in over their heads.

“It was Gaelle who called it. She figured out pretty quickly that we needed support. It took me longer to let it go. But not too long. I’d advised Gaelle often enough to ask for help. It was time to lead by example. After a quick check-in with the operations manager and owners, I called the Hackbusters.”

Hackbusters

The Hackbusters, a team of cyber security specialists, are available around the clock to all BOXX clients—and their IT departments. It’s a service lead Hackbuster and BOXX Virtual Chief Information Security Officer (vCISO) Jack Brooks wishes more clients would take advantage of.

“It’s like having a vCISO on speed dial. It’s really an exceptional service. Our business clients, whether they have an IT team or not, have unlimited access to professionals with decades of security experience in multiple industries. This is big company information security that SMEs can afford—it’s included in their cyber insurance. It’s a terrific way for brokers to support their clients, and they don’t even have to file a claim to talk to us.”

Gaelle was impressed. “Their response was nothing short of remarkable. Within two hours of our distress call, the BOXX forensic team was unraveling the tangled mess of ransomware that had brought us down.”

Recognizing the urgency of the situation, the Hackbusters divided their forces. They reconstructed the company servers outside the infected environment to minimize disruptions to the company’s operations. This was only doable because, as part of their vCISO service, BOXX had already helped AggreGREAT set up a backup IT system in the cloud. Meanwhile, their forensic experts carefully wiped out any signs of the cyber criminals’ activity and thoroughly cleaned all endpoint devices.

“I was freaking out.” Phillip recalled. “No one wants a breach to happen on their watch. It’s incredibly stressful and…embarrassing. You’re worried about your job, you’re wondering what you could have done better to prevent the situation, you want it to be over. But the Hackbusters were amazing to work with. They included Gaelle and me every step of the way. No shaming.”

Thanks to the efforts of the Hackbusters, AggreGREAT was up and running by Monday morning, a feat that seemed impossible just hours earlier. Employees arrived at work and trucks rumbled in, oblivious to the digital drama that had unfolded.

In the days and weeks that followed, the Hackbusters continued to work behind the scenes to help the IT team implement a comprehensive recovery across all systems, ensuring that no lingering threats remained.

“They stuck around to help with system and cyber security hardening, working with us and our IT vendors to reduce vulnerabilities in our systems. The Hackbusters know a lot about the latest cyber threats. It was a valuable learning experience for someone new in their career,” explained Gaelle.

The Hackbusters also helped Phillip create an incident response plan for potential future cyberattacks and encouraged him to take advantage of the employee cyber security training included with their Cyberboxx Business coverage.

“Letting cybersecurity training lapse was a huge oversight,” reflected Phillip. “As head of IT, it’s my job to oversee this. We should have been training every three months, but at the time of the attack, it had been over a year. I take full responsibility for that. Regular BOXX training sessions are now in the calendar.”

AggreGREAT’s leadership supported their IT team and acknowledged Phillip and Gaelle’s efforts. The company has a more comprehensive understanding of their Cyberboxx Business policy.

BOXX vCISO, Jack Brooks is happy too. “We help small and mid-sized businesses like AggreGREAT build digital resilience. On the other side of this cyber-attack, we have an involved and educated client with a high level of coverage. AggreGREAT has a top-notch incident response team on retainer. It’s an all-in-one approach that works really well for everyone. I hope more brokers learn about this, too. We want everyone to know that your BOXX cyber insurance includes this vCISO service.”

Interested in more real-life cyber stories?
Sign-up for the BOXX Newsletter today.

Join over 5,000+ others that receive our newsletter updates. Filled with expert advice and product announcements to help prevent a cyber incident. Get insider access to news around BOXX innovations, cyber tips and case studies that allow you to stay up to date on all things cyber.