Methodically, the hackers attempted entry, breaching point after point. When TNW Creations acted, we shut down the network, monitored it, and ran our security programs, which included ESET, Malwarebytes, Spybot and Webroot. Even then, we were unable to stop the cyber attack until we had wiped all of the systems three times. The malware was able to hide because of the additional partitions. Reinstalling Windows 10 was attempted twice before we used a live version of Linux and zeroed each hard drive. Finally, after 14 days of working tirelessly (monitoring, wiping, cleaning, installing, running and replacing hardware, including the router and several peripherals), the network was clean.
However, one of the devices on this network surprised us. An Xbox 360 console with a Wi-Fi adapter, tucked away and forgotten, had been corrupted and was being used as a beacon as well. The console should have been scrapped years earlier, as Microsoft had stopped supporting it.
There are multiple lessons to learn from this scenario.
- Never use outdated software (operating systems, programs, security, mobile, etc.)
- Never use outdated hardware (routers, consoles, PCs, webcams, printers, etc.)
- Don't expect Windows Defender to be all you need to protect yourself. Even having a security program like McAfee or ESET did not stop the sophisticated cyber attack this network experienced.
- Always monitor your network activity for suspicious connections.
- Always keep your operating system and software programs up to date!
- Have an antimalware program AND 2 antivirus programs on your system at all times. Only keep one antivirus active at a time.
- Scan regularly.
- If you visit a website that looks unusual, is displaying content that does not look right, or is only showing lines or a blank page, DO. NOT. CLICK. ANYWHERE ON THAT SITE. Run your antivirus and malware scans immediately after closing your browser.
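
As an added illustration of the "monitor your network activity" lesson and of the forgotten console acting as a beacon (this is example code written for this page, not a tool TNW Creations used): the script below checks connection records against a device inventory and flags any device that contacts the same destination at machine-regular intervals. The inventory, addresses, record format and thresholds are all constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed inventory: devices the owner knows about and still maintains.
KNOWN_DEVICES = {"192.168.1.10": "office-pc", "192.168.1.11": "laptop"}

# Constructed flow records: (unix_time, source_ip, destination). Not real capture data.
SAMPLE_FLOWS = (
    [(1000 + 300 * i, "192.168.1.50", "203.0.113.7:443") for i in range(8)]  # every 300 s
    + [(t, "192.168.1.10", "198.51.100.20:443") for t in (1010, 1042, 1900, 2075, 2960, 3001)]
    + [(1500, "192.168.1.11", "198.51.100.33:443")]
)

def find_suspicious(flows, known, min_events=5, max_jitter=0.1):
    """Return {source_ip: [reasons]} for unknown devices and beacon-like flows."""
    findings = defaultdict(list)
    by_pair = defaultdict(list)
    for ts, src, dst in flows:
        by_pair[(src, dst)].append(ts)
    # Check 1: any talker that is not in the inventory (the forgotten device case).
    for src in sorted({src for _, src, _ in flows}):
        if src not in known:
            findings[src].append("device not in inventory")
    # Check 2: repeated contact with one destination at near-constant intervals.
    for (src, dst), times in sorted(by_pair.items()):
        if len(times) < min_events:
            continue
        times.sort()
        gaps = [b - a for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        # Coefficient of variation: near 0 means machine-like regular timing.
        if avg > 0 and pstdev(gaps) / avg <= max_jitter:
            findings[src].append(f"regular contact with {dst} every ~{avg:.0f}s")
    return dict(findings)

if __name__ == "__main__":
    for src, reasons in find_suspicious(SAMPLE_FLOWS, KNOWN_DEVICES).items():
        print(src, "->", "; ".join(reasons))
```

In practice the records would come from router or firewall logs, and the thresholds would need tuning, since legitimate update checks can also be periodic.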