Hacking in Your Own Back Yard

Hacking in Your Own Back Yard

Having compromised IT is way more common than you might think. Often those that have been compromised have no idea they are. It is not just overseas companies that are targeted – it is literally hacking in your own back yard from Kaitaia to Invercargill. We got our IT Alliance Team together to share some local stories below. Implementing 2FA is essential to combat these.

What is 2FA (2 Factor Authentication)? 

2FA (or Multi-factor) authentication is a security mechanism that requires an individual to provide two or more credentials in order to authenticate your identity. For example, you may be required to enter a password as well as a text message code using an authorising app. Other forms of authentication might be a fingerprint or retinal scan. Yes, it can be a little more time consuming, but it can be a whole lot more time consuming and stress-inducing if you end up with a major security breach on your hands. It is especially important if you are implementing remote work or if you are a business (lawyers, accountants, medical professionals) that keep personal information about your clients. Especially since the new laws have been introduced surrounding this.

Cyber Attack in Northland!

“We had an incident today with a law firm in Northland. Like most people, they use Office 365. The hacker simply guessed the lawyers password. The hacker looked through the sent emails and found two customers who recently had been asked to pay house settlements. The hacker emailed both these people and asked them to pay the money into a different bank account instead. One of the customers rang to confirm the change as the English was poorly written. When we looked at the server records, we found they had logged in from Brussels overnight and emailed the two customers. It was such a close call.” – IT Alliance Member from Northland

2FA stops this attack in its tracks, if your password is guessed correctly by a hacker it then asks them to verify with the App on your phone that they are allowed to login. As they don’t have physical access to your phone they can’t get the needed access code.

We need to be clear – for almost all businesses today, having 2FA in place on your critical systems is not a nice to have; it is essential.

How to Get 2FA on your Microsoft 365

Getting 2FA is more simple than you think. Here is the step by step actions you need to take if you have a Microsoft 365 account.

Step 1: Download App on your smart phone – Microsoft Authenticator (Available in Apple Store or Play Store)
Step 2: We turn on 2FA (Two Factor Authentication) on your account
Step 3: When you login to portal.office.com it will ask you to setup 2FA with the Authenticator app on your phone
Step 4: Once every 6 months it will prompt you to confirm with the App, or if you login for the first time in a new location.

Our experience is that some businesses can implement 2FA on their 365 accounts largely by themselves, whereas others need help. Use your local IT support to help you come up with an implementation plan, and to ensure all your team feel supported throughout the change.

Cyber Attack in The Naki!

These types of attacks aren’t just happening in isolated cases. Here is another example of a similar situation.

“We had a client catch an attack shortly before it caused over $1.2 million dollars worth of damage! Essentially, the hacker got into the emails of the CFO and their key administrator. They looked through the sent emails and found correspondence regarding a large amount of money set to be deposited. The hacker then sent the administrator an email asking it to be transferred into a different bank account. It was extremely lucky that this particular administrator was a stickler for detail. The administrator picked up the phone and rang the CFO to check, saving the day! The client was SO lucky!”- Taranaki IT Alliance Member

Risks if you don’t implement 2FA:

It’s really important to understand what you are really risking if you don’t implement 2FA. We put together a simple checklist to help make it crystal clear what you might be signing up for by not taking actions today!

Damage to business reputation
Risk of sensitive information being stolen
Risk of blackmail if information is stolen
Risk to customers paying into wrong account
Time lost trying to recover from hacking
Your cyber insurance MAY NOT PAY OUT!

Need some help?

If you are a bit nervous about setting up your 365 2FA (look at all those acronyms!) reach out to your local IT Support provider. You can give us a call on 078-850-5742 or contact us using the link below to get started .

This article was kindly Authored by the IT Alliance and is provided here as an educational service for our clients.

IT Alliance Members:
CT Business Solutions - Hamilton
@Computer - Northland
Technology Partners - Tauranga
Vision Lab - Te Puke
AdvancedIT - Rotorua
BlackSANZ - New Plymouth
GTB - Kapiti, Wellington
Decision1 IT Solutions - Dunedin
IT Centre - Wanaka
Voicecom - Invercargill
IT Alliance Website


IT alliance, ITA, IT association, IT group, IT support, Nationwide IT, IT management, IT services, IT company, computer services, computer repair, managed service provider, managed services, managed IT services, IT solutions, business IT, IT companies in New Zealand, Microsoft 365, Office 365, Microsoft Office 365, Microsoft Stream, Microsoft Kaizala, Microsoft Power Automate, Microsoft Sharepoint, Microsoft Planner, Microsoft Teams, Microsoft Onedrive, Microsoft Forms

© 2023 CT Business Solutions Limited. All Rights ReservedContact Privacy Policy Terms & Conditions View Desktop Version