Customer Background:
Customer is a key player working to attract foreign investments and leading event management industry with multiple subsidiaries on healthcare and interior design
Situation
Customer was infected with large number of endpoints exhibiting signs of unknown encryption initiated by the Threat Actor, causing critical loss of productivity and business disruption. SpearTip, a well-known security consulting company originally based in US, partnered with NETS International to remediate and reinstate from the ransomware attack.
Solution
NETS professional Security Consultants, along with SpearTip, helped with immediate actions on-site. A complete digital forensics analysis was performed on entire infrastructure including endpoints to determine initial point of compromise. Historical logs of intrusion events were collected and analyzed, eventually variant was identified as Phobos Ransomware. A series of steps were performed on devices, ports and servers’ level, resulting in complete recovery and elimination of threat footprint from the environment.
Benefits and Outcomes
⦁ Gained customer trust
⦁ Awarded managed services contract
⦁ Increased end-user satisfaction
⦁ Elevated security posture