In mid 2021, an organization in the telecommunication sector suffered a breach in their cybersecurity. Hackers compromised the company’s online services to target their end-users– putting more than 100,000 users at risk.
Acting quickly to protect their customers, the organization engaged Ebryx’s Digital Forensics and Incident Response (DFIR) service. Drawing on our experience responding to similar intrusions in the past, we helped them contain and identify the root cause of the breach and restored operations to their usual productivity. After defusing the main threat, we helped strengthen their security posture by strengthening the vulnerabilities the attackers had exploited and developing threat specific mitigations to prevent future incidents.
Responding to intrusions is complex. Not only do you have to address the threat and restore operations to full capacity, but you must also identify the origin of the attack and the nature of the adversary. As our investigation progressed, we discovered that the attackers had used stolen credentials from a 3rd party compromise in the Power sector to carry out the intrusion. We were then able to identify the intrusion point and completely cut off the attackers. By identifying the origin of the breach, Ebryx empowered the telecommunication organization with credible evidence to use in further legal processes.
Ebryx’s in-depth digital forensics and incident response report detailed the many facets of the attack concisely and comprehensively. In the document, our consultants provided detailed feedback and actionable steps to improve the company’s security posture. Our analysts also met with the company’s management and IT departments to advise them on future steps and provide technical details that would strengthen their case should they take legal action. The DFIR report’s findings, coupled with the detailed consultation they received from our team, put the organization in a strong position to create a sophisticated security model and prevent future breaches.
Ebryx is a managed security service provider with extensive experience defusing large-scale cyber attacks throughout the globe. We have operations in North America, Europe, and the Middle East. Our services are distinct from the average cybersecurity provider: our continuous threat research and sophisticated incident response method make us the first choice of established multinational corporations and SMEs alike. Facing a cybersecurity crisis? Let Ebryx assist.