This post was last updated on September 17th, 2019 at 01:58 pm
Case Study Overview
Managed security service providers (MSSPs) leverage the Infocyte HUNT platform to deliver cost-effective managed detection and response (MDR) services, consulting services, and cybersecurity compromise assessments.
Learn how an MSSP partner helped a major financial institution identify, investigate, respond to, and recover from an undisclosed data breach—in record time.
A major regional financial institution suffered a significant data breach. After noticing abnormal network communications, the bank discovered it had been the target of an unknown (zero-day malware) attack.
The initial attacks were soon addressed, but the bank also needed to verify that no further malware was residing undetected on its infrastructure. They called a Managed Security Services Provider (MSSP) to deliver a Compromise Assessment across the bank’s entire network of assets and endpoints.
The Infocyte Compromise Assessment (cyber risk assessment) involved all systems, networks, and endpoints the bank considered, or identified, as critical assets—including payment gateways.
The MSSP partner provided the customer with the environmental and system requirements necessary for optimal functioning of Infocyte HUNT. These requirements mirrored the bank’s existing enterprise management tools’ protocols and settings, resulting in minimal customer effort to prep the environment. Furthermore, Infocyte HUNT was able to perform all scans without impacting the bank’s productivity or resulting in downtime.
The full engagement was completed in four days, and included multiple scans of the endpoints in scope. The secondary and tertiary scans were completed by the end of day two, while the analysis and report creation were finalized and delivered at the end of day four.
WannaCry ransomware was discovered by Infocyte HUNT and removed from the payment gateway before it had a chance to activate. The same ransomware was also detected on another enterprise endpoint. Had the ransomware activated, the cost to the bank would have been in the tens of thousands of dollars per hour because redundancies were non-functional at the time of the discovery.
The scan also identified unauthorized Remote Access Tools, unauthorized File Sharing Tools, hackware, riskware, and other unwanted software.
As a result, Infocyte HUNT allowed the MSSP partner to successfully protect the bank from the planned activation of the ransomware. This offered value to both the customer and the partner, resulting in a stronger defensive cyber security posture for the bank and validating the partner’s consultancy work.