Dual Attack Brings Manufacturer’s Operations To A Halt
A persistent ransomware attack disrupted all business operations, encrypting all servers and user systems on the client’s network. After an initial containment attempt, the internal IT team temporarily contained the attack, only for the attacker to re-compromise the environment a second time within 48 hours.
The PIP team was on-site within 24 hours — Saturday, mid-day. The IRT team identified two distinct attack vectors: surface-level ransomware and, beneath that, a banking trojan attempting to gain access to the company’s financial and HR systems.
“When a cyber attack occurs, speed is of the essence. Downtime, especially in manufacturing, costs hundreds of thousands of dollars per hour. But there’s another reason speed matters: the longer an attacker has access to your systems, the more direct and indirect damage they can do — from accessing financials to compromising your customers’ personal information.”
Infrastructure Practice Manager | Performance Improvement Partners
Learn How to Protect Your Portfolio
Find out why the responsibility — and liability — for cybersecurity goes beyond the IT department to the C-Suite and the Board in the Private Equity Guide to Cybersecurity.