A secondary school in the Southeast needed a swift cyber breach response service when their IT systems became infected with the Emotet virus. The malware had spread to every computer and server. School staff were unable to use some machines, while in other cases it took up to an hour just to log in. Accessing files had become virtually impossible. If the situation had been left unattended, the malware could very likely have evolved into ransomware.
We responded quickly to the emergency by first of all locking down the systems to prevent further incursions.
We did this by deploying a special software to all school PCs. Admin passwords were also changed on a daily basis to prevent unauthorised access. We then started the work of identifying the cause of the virus.
It turned out that this particular virus had gotten into the school systems when a staff member used a USB stick that they also used on their virus-infected home PC.
We then began protecting other endpoints by deploying malware bytes as well as providing a full incident response service for the next month. We manually monitored all systems during this time.
Once the virus had been removed and networks cleaned up, we put in safeguards and special cyber security tools to prevent such an incident from happening again.
One of our key recommendations was stopping staff from using USB sticks brought from their homes. A big part of our prevention measures focused on reviewing the school’s BYOD (Bring Your Own Devices policy) and suggesting more robust security measures.
The school was relieved to have its systems secure again and was also grateful for the enhanced security measures we deployed to prevent future breaches.