Manufacturing Firm Downloads Ransomware – Down For 2 Weeks
For over 2 years, SPoC monitored and managed a manufactures server environment. Their internal staff handled the day to day help desk issues. When the contract was coming to an end, they requested we build their environment in the cloud. They then handed the keys to their less experienced staff. The firm felt they were safe in the cloud. Six months later, they downloaded ransomware that encrypted their entire network. The firm came to a complete halt. They contacted SPoC to rebuild their network from backup. It took two weeks to rebuild 50 servers and configure the network to its original state.
The Single Point of Contact team presented a SIEM and EDR solution to eliminate threats in the future. SPoC built a dedicated team to review alerts around the clock, investigate potential threats, escalate to onsite teams, but would remediate threats after hours. The manufacturer suffered a great loss of business and their reputation was damaged during this process. The firm relies on the Single Point of Contact team to ensure their network is secure and data stays safe. The firm considered their in-house staff to review alerts, but they came to the conclusion that they were stretched thin as it was.
The SPoC security team implemented security policies and a DR plan to managements requirements. The SIEM solution isolates threats automatically which allows the team to investigate. The EDR solution has automatically locked down computers that have downloaded suspicious files. This has allowed the team to remediate the potential threat. The client is no longer walking on egg shells. Every email was met with suspicion, but the security solution that SPoC implemented as eased everyone at the firm.
The SPoC marketing team is not allowed to share the firm name, but the manufacture is happy to discuss the nightmare and the Single Point of Contact SOC service.