https://www.xperience-group.com/case-study/manufacturing-organisation-returned-to-bau-by-xperience-following-phishing-breach/
| Industries | |
|---|---|
| Solutions |
Responsible for the design, and manufacture of materials handling, lifting, and manoeuvring equipment for a wide range of well-known brands across the UK, this organisation had around 50 employees and believed that due to its size would not be the target of cyber attack.
Following a documents encryption breach, this organisation reached out to Xperience to help restore their data and assist in returning them to business as usual.
They have learnt, in the hardest of ways that they are not ‘too small’ and that they can be a victim in this kind of scenario.
During routine maintenance, it was discovered that some core business documents had been encrypted and an exploit was identified to be running in the background of a file/folder structure. It is suspected that the breach was caused by a successful phishing attack coupled with unpatched equipment.
Whilst the Xperience support team was able to isolate the exploit and secure the environment immediately, there were indicators of further compromise. While standards reset procedures were carried out and encrypted data was restored via back-ups to the best of Xperience’s ability the Security Operations Centre (SOC) team carried out root cause investigations and developed a strategic action plan to mitigate against future breaches.
The consequence of a cyber attack can be varied. Aside from the financial aspects of having to restore its systems and invest in its IT Infrastructure this organisation’s operations and reputation were most impacted.
Its’ systems were not just impacted for one day – it took seven days to bring them back to business as usual – this caused ongoing client impact. The organisation now has to be, at clients’ request, externally audited to ensure they are ‘safe to work with’ and new protocols and insurances now have to be put in place and evidenced.
As a result of the operational impact, the organisation suffered critique across its supply chain. Evidence of ongoing risk mitigation had to be provided to give assurances that they were safe to work with both now and in the future.
Investment in systems, tools, policy, and process efficiencies should be a key focus of any business, and you are never too small for a cyber attack.
Learn how we can help you protect your business