WHAT’S AT RISK?
Hackers aren't just targeting corporate giants anymore. Now they are able to cause disruption in the middle market and at small businesses. Where huge companies may have millions to spend on cyber security, hackers have recognized that small- to mid-sized companies do not have the same budgetary luxury. How you protect yourself today can safeguard your company tomorrow.
Malicious software with one goal: harm your computer systems. These programs are introduced into your company without your knowledge and can have long lasting negative effects on your computers, servers, and networks.
These programs spread through your computer networks, denying you access to your files and systems unless a ransom is paid, often in the tens of thousands of dollars. If a successful ransomware attack is deployed in your network, hackers effectively have complete control over your computer systems, servers, client lists, pricing details, and employee information. Can your company go days with no productivity?
These are used to obtain sensitive information within your company, often with the goal of deploying malware or ransomware into your company systems or compromising user credentials.
Data breaches involve an intentional or unintentional release of sensitive company data to unauthorized parties. This can range from client data and pricing, to blueprints of a highly specialized tool that provides you a competitive advantage in your market. With your pricing and product blueprints in the hands of your competitors, your market advantages may be short lived.
When your company information is compromised, you could be required to report a breach publicly. This not only tarnishes the reputation you’ve spent your life building, it also leads to very difficult conversations with current clients and potential prospects. Money spent safeguarding your systems now can prevent millions of dollars spent recovering data and a broken reputation.
WHAT WE CAN DO
Identify Your Risk
Identifying your specific risks is the first stage in our holistic approach to protecting your company’s data and computer systems. We provide a range of services that can be performed individually or as a whole to ensure your systems stay online and maintain productivity.
Vulnerability and Network Security Assessments
Vulnerability and network security assessments identify where you're most at risk and recommend how to organize your systems to ensure they're secure.
Penetration testing is an ethical attempt to probe and breach your security systems to identify your vulnerabilities and provide additional protections where needed.
Disaster Recovery Planning and Data Resiliency
We help you formulate a strategy to protect and recover your systems and data in the event of a disaster to minimize disruption and loss of market reputation.
Defend Against Threats
As a managed security services provider (MSSP), we use several methods to focus your company and employees around the importance of security. These are proven measures to actively engage your employees and company governances to prioritize daily behavior with cyber security in mind.
Managed Security Services
We deploy company-wide protocols to identify and disable incoming cyber attacks as part of our managed security services (MSS). If you are losing data or a system is at risk of going down, we can respond immediately.
As internal mistakes are increasingly responsible for data breaches, ongoing employee training can save you millions of dollars in safeguarding against cyber attacks. We deploy ‘’fake-phishing’’ campaigns to learn if your employees are following your procedures, and we will identify which employees may need more help understanding how to identify these threats. We also can work with you to create customized handbooks and policies for your organization.
Cyber Risk Assessments
Using the National Institute of Standards and Technology (NIST) model, we perform more formal cyber risk assessments to comply with your insurance carrier's requirements for cyber coverage.
Respond to Cyber Incidents
Unfortunately, without proper security, some cyber attacks are successful. When that happens, our teams are ready to deploy to minimize damages to your company’s systems and maximize safe data recovery.
As soon as a breach occurs, our incident response team can immediately go to work containing the problem, recovering data, and preserving records in the event of an insurance claim or lawsuit. Then we safeguard the computer systems, investigate the incident, and ensure the problem is eradicated. Additionally, we provide a post-event action plan that outlines recommendations for changes that should protect you from similar threats in the future.
In the event of a potential lawsuit, our expert staff of certified forensic examiners can collect, preserve, and analyze all digital evidence and artifacts to determine root cause. Our processes are documented with immaculate attention to detail to ensure your case and evidence is defensible in a court of law.
After-Hours Ransomware Infects All Network-Based Servers
Responding to Cyber Threats to Keep Business Running As Usual
A US-based industrial construction company experienced a severe after-hours network outage that crippled the entire business operations, including all email and computer network resources. The company’s internal IT department responded to the outage and quickly determined that all network-based servers had fallen victim to rapidly spreading ransomware, which also rendered the onsite backups inoperable.
The company employed Pathway Forensics engineers, who quickly responded to the attack, both physically onsite at the client’s offices and virtually through secure channels to a Security Operations Center. After immediately investigating and triaging the ransomware event, Pathway analysts and engineers went to work by first isolating the infected servers, then rerouting critical business applications and email traffic through an alternative secure network infrastructure.
The redirection of network and email traffic allowed the business to continue with primary operations while Pathway engineers restored the company data and rebuilt a much more resilient IT system and network infrastructure.
Title Company Falls Prey to Wire Transfer Fraud
Responding to Sophisticated Phishing Attacks
A title company – through its normal course of business – performs millions of dollars in financial transactions every year via wire transfers. After several transfers failed to reach the correct client, the company began to investigate the transfer process and learned that they had become a victim of fraud, with losses totaling more than $700,000.
Pathway Forensics was engaged to conduct the investigation and mitigate any digital threats that might still be lurking on the company network. During the investigation, our analysts quickly noticed that a broker’s email account had been compromised during a sophisticated phishing attack in which malicious actors set up forwarding rules to an unknown outside address. We also learned these actors would observe email activity within the company and wait for wire transfer instructions to be ordered. At that time, they would interject into the conversation – acting as the broker’s manager – and then change the transfer routing information and account.
Upon completing the investigation, Pathway remediated the forwarding rules and reviewed all other email configurations for indications of compromise. All effected employees’ accounts were reset and two-factor authentication was implemented as an additional layer of protection. We documented our findings in an official report that the client shared with law enforcement to begin an official criminal investigation.