Global Technology Services: Security Incident Response
It seems media outlets are buzzing nearly every day with news about another massive IT security breach. While cyberattacks are often perpetrated by and through a small number of people, the effects can be fatal for the larger business under attack, unless preventative measures stop threats before damage is done or immediate action is taken.
In this case, an enterprise software company reached out to us after being infected with Petya ransomware. Rather than attackers collecting ransoms, Petya was deployed to wipe, destroy, and cause as much collateral data damage as possible. It did just that. Over ten thousand users and thousands of servers were infected and deemed irreparable. Revenue losses were projected to be billions of dollars.
ConRes Responded Immediately
ConRes played a lead role in the incident response, recovery, restoration, and ongoing programs to secure the company’s infrastructure. The initial phase was a month of around-the-clock disaster recovery support including overnights, weekends, and holidays. From start to finish, we provided everything needed to reinstate operations:
- To get the company back up and running, we built an onsite 24/7 Network Operations Center (NOC) to implement and turn up security solutions on a global scale
- Senior engineers were staffed 24/7
- 24/7 triage services restored the global infrastructure
- We worked closely with other VARs and vendors: no turf wars, no politics, just pushing forward to execute the plan
- Project management was provided on all services, working collaboratively with several PMO teams
- A recovery mission strategy was developed with vendor-agnostic product recommendations
- Vendor partnerships were leveraged to rush emergency acquisitions and services, even when off-hours handshake deals were needed to accelerate recovery
- Everything was staged, configured, and tested in our integration facility to ensure tech worked upon receipt
- International shipping and logistics were managed
After initial triage and recovery, our Security Services team provided ongoing support to secure the infrastructure, monitoring, maintaining, and executing a proactive security management paradigm to prevent future attacks. Fortunately, the Incident Response team created a happy ending as the company’s business operations and reputation have made a full recovery and are back on a growth trajectory.