CEO Bart McDonough shares his story about the time he posed as a Bloomberg employee and gained remote access to every computer at an NYC-based investment firm.
Cybersecurity awareness training is a must-have for your employees. Contact us, we can help educate your end users on how to spot and evade an cyber-attacks—so your firm doesn’t become another cautionary tale.
So we looked up Bloomberg, and we started calling them. You can change the display name on your phone to show up as whatever you want. So we call them from Bloomberg.
“Hey this is Bart from Bloomberg. I just talked to Joe your CTO.”
How did we look that up? It was on their website.
“Just talked to Joe. We realized there’s a cybersecurity issue. I need to get on your computer to fix something with regards to your Bloomberg, but if now’s not a good time that’s fine.”
So I wasn’t super aggressive.
“I just need you to know that by 4 o’clock your Bloomberg will stop working.”
Because investment people don’t care about their investments and what the prices are going to be. They don’t care about that, right?
So they said, “Fine, fine, fine. How long will it take?”
Bart from Bloomberg: “In five minutes you’ll be fine.”
So we sent them a link. They click on it. We’re on their machine. We were 27 for 27.
We call number 28, and he is onto us. Older gentleman. Super grumpy. He wanted nothing to do with this call. Getting a little hostile. A little irate. Just as he was about to hang up, the partner that sat next to him was walking by and said, “Oh are you on with Bart from Bloomberg? It’s super easy, let me just show you. It took a second.”
He jumped in and did it. Kicked grumpy pants out of the way, and we got on. 28 for 28. We got on all of their computers. Physically, albeit remotely. They didn’t see it. We were actually on their computers.