
A mining company was hit by a cyber breach when a staff member plugged a hard drive from home into their work laptop. Unbeknownst to them, malicious code had previously been downloaded onto the hard drive.
Once installed on the staff member’s work device, the virus soon began to steal passwords.
The breach triggered multiple alerts at our helpdesk and our cyber response team quickly swung into action.
Our Cyber Security Analyst and IT Engineer began by reviewing the alerts and gathering information on the incident.
The team immediately reset the staff member’s password and conducted a full virus scan to determine the extent of the breach.
Following this, the team carried out a thorough investigation to track down suspicious files and remove them from the device.
They also isolated the device from the internet to prevent further contamination.
After these initial actions, the team found that the user was running as a local admin, which had contributed to the attack. The team immediately revoked the user’s admin privileges.
As a final action, the team gathered IOCs (Indicators of Compromise). These included malicious IP addresses, file hashes and URLs found during their investigation.
The team added the newly found IOCs to the security baseline and deployed them not only to the affected client but to all other Security Operations Centre clients. By doing this they ensured that future malware with the same pattern would be immediately detected not just within the mining company but across all of our Security Operations Centre clients.
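To show what turning gathered IOCs into a reusable detection baseline looks like in practice, here is an added example (not the SOC's own tooling, and not code from the original article). It builds a small IOC baseline of IP addresses, SHA-256 file hashes and URLs, validates and normalises each entry, and then scans endpoint and proxy log lines for matches. The log format, hostnames, addresses and the hash are all constructed placeholders; the IP addresses come from documentation ranges and the hash is computed from a sample string rather than taken from any real malware.

```python
"""IOC baseline matching over endpoint/proxy logs.

Added example; not the SOC's own tooling. Log format and values are constructed.
"""
import hashlib
import ipaddress
import re
from dataclasses import dataclass
from typing import Dict, Iterable, List, Set

HASH_RE = re.compile(r"^[0-9a-f]{64}$")   # lowercase SHA-256 hex digest
KV_RE = re.compile(r"(\w+)=(\S+)")        # key=value fields in a log line


@dataclass
class Alert:
    host: str       # endpoint that produced the matching event
    ioc_type: str   # "ip", "sha256" or "url"
    value: str      # the baseline entry that matched
    line: str       # the raw log line, kept for the analyst


def new_baseline() -> Dict[str, Set[str]]:
    """An empty baseline, one set per IOC type."""
    return {"ip": set(), "sha256": set(), "url": set()}


def add_iocs(baseline: Dict[str, Set[str]], ioc_type: str, values: Iterable[str]) -> int:
    """Validate, normalise and add IOCs; returns the number of new entries."""
    added = 0
    for raw in values:
        v = raw.strip()
        if ioc_type == "ip":
            ipaddress.ip_address(v)  # raises ValueError on anything that is not an IP
        elif ioc_type == "sha256":
            v = v.lower()
            if not HASH_RE.match(v):
                raise ValueError(f"not a SHA-256 hex digest: {raw}")
        elif ioc_type == "url":
            v = v.lower().rstrip("/")  # same normalisation applied at match time
        else:
            raise ValueError(f"unknown IOC type: {ioc_type}")
        if v not in baseline[ioc_type]:
            baseline[ioc_type].add(v)
            added += 1
    return added


def parse_line(line: str):
    """Constructed format: '<timestamp> <host> <event> key=value ...'."""
    parts = line.split(maxsplit=3)
    if len(parts) < 4:
        return None  # malformed line: ignore rather than crash the scan
    ts, host, event, rest = parts
    return {"ts": ts, "host": host, "event": event, **dict(KV_RE.findall(rest))}


def match_line(baseline: Dict[str, Set[str]], line: str) -> List[Alert]:
    """Return one Alert per IOC type that matches this line."""
    rec = parse_line(line)
    if rec is None:
        return []
    alerts: List[Alert] = []
    if "dst" in rec:
        ip = rec["dst"].rsplit(":", 1)[0]  # strip ':port' (constructed logs are IPv4 only)
        if ip in baseline["ip"]:
            alerts.append(Alert(rec["host"], "ip", ip, line))
    if "sha256" in rec:
        h = rec["sha256"].lower()
        if h in baseline["sha256"]:
            alerts.append(Alert(rec["host"], "sha256", h, line))
    if "url" in rec:
        u = rec["url"].lower().rstrip("/")
        if u in baseline["url"]:
            alerts.append(Alert(rec["host"], "url", u, line))
    return alerts


def scan_logs(baseline: Dict[str, Set[str]], lines: Iterable[str]) -> List[Alert]:
    alerts: List[Alert] = []
    for line in lines:
        alerts.extend(match_line(baseline, line))
    return alerts


# Constructed sample hash: digest of a label string, not a real malware hash.
SAMPLE_HASH = hashlib.sha256(b"constructed sample, not a real malware hash").hexdigest()

# Constructed log lines: one infected laptop, one clean one, one malformed line.
SAMPLE_LOGS = [
    "2024-05-01T09:12:03Z LAPTOP-07 proxy url=http://malware.example/payload.bin user=jsmith",
    "2024-05-01T09:12:05Z LAPTOP-07 netconn dst=203.0.113.45:443 proc=upd.exe",
    "2024-05-01T09:12:09Z LAPTOP-07 filecreate path=C:\\Users\\jsmith\\AppData\\Roaming\\upd.exe sha256=" + SAMPLE_HASH,
    "2024-05-01T09:15:00Z LAPTOP-12 netconn dst=192.0.2.10:443 proc=chrome.exe",
    "2024-05-01T09:16:00Z LAPTOP-12 proxy url=https://intranet.example/home user=akhan",
    "2024-05-01T09:17:00Z LAPTOP-12 filecreate path=C:\\Users\\akhan\\report.docx sha256=" + "0" * 64,
    "malformed line",
]


def run_example() -> List[Alert]:
    """Build the baseline from the 'gathered' IOCs and scan the sample logs."""
    baseline = new_baseline()
    add_iocs(baseline, "ip", ["203.0.113.45", "198.51.100.7"])
    add_iocs(baseline, "sha256", [SAMPLE_HASH.upper()])          # case is normalised
    add_iocs(baseline, "url", ["http://malware.example/payload.bin/"])  # trailing slash is normalised
    return scan_logs(baseline, SAMPLE_LOGS)


if __name__ == "__main__":
    for a in run_example():
        print(f"{a.host}: {a.ioc_type} match on {a.value}")
```

The point of the normalisation in `add_iocs` and `match_line` is that an IOC written one way in an investigation note (uppercase hash, URL with a trailing slash) still matches the form it takes in a log line; the same baseline dictionary can be shipped to every client and the scan rerun over their logs, which is what deploying IOCs to all Security Operations Centre clients amounts to.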
The entire process, including identification, containment and securing, took an hour to complete.
Our client benefited from a rapid cyber response, containment and improved ongoing protection. We helped them to secure their systems against future attacks by reviewing and correcting admin privileges for users and updating the security baseline.
Our actions turned a one-off incident into a permanent, scalable defence improvement across all clients. We thus converted incident data into reusable defence intelligence. The identified threats became persistent detection rules which helped to strengthen a network-wide protection model and bolster future breach detection.