WHAT’S AT RISK?
Hackers aren't just targeting corporate giants anymore. Now they are able to cause disruption in the middle market and at small businesses. Where huge companies may have millions to spend on cyber security, hackers have recognized that small- to mid-sized companies do not have the same budgetary luxury. How you protect yourself today can safeguard your company tomorrow.
Malicious software with one goal: harm your computer systems. These programs are introduced into your company without your knowledge and can have long lasting negative effects on your computers, servers, and networks.
These programs spread through your computer networks, denying you access to your files and systems unless a ransom is paid, often in the tens of thousands of dollars. If a successful ransomware attack is deployed in your network, hackers effectively have complete control over your computer systems, servers, client lists, pricing details, and employee information. Can your company go days with no productivity?
These are used to obtain sensitive information within your company, often with the goal of deploying malware or ransomware into your company systems or compromising user credentials.
Data breaches involve an intentional or unintentional release of sensitive company data to unauthorized parties. This can range from client data and pricing, to blueprints of a highly specialized tool that provides you a competitive advantage in your market. With your pricing and product blueprints in the hands of your competitors, your market advantages may be short lived.
When your company information is compromised, you could be required to report a breach publicly. This not only tarnishes the reputation you’ve spent your life building, it also leads to very difficult conversations with current clients and potential prospects. Money spent safeguarding your systems now can prevent millions of dollars spent recovering data and a broken reputation.
WHAT WE CAN DO
Identify Your Risk
Identifying your specific risks is the first stage in our holistic approach to protecting your company’s data and computer systems. We provide a range of services that can be performed individually or as a whole to ensure your systems stay online and maintain productivity.
Vulnerability and Network Security Assessments
Vulnerability and network security assessments identify where you're most at risk and recommend how to organize your systems to ensure they're secure.
Disaster Recovery Planning and Data Resiliency
We help you formulate a strategy to protect and recover your systems and data in the event of a disaster to minimize disruption and loss of market reputation.
Cyber Program Maturity Assessments
Cyber Program Maturity Assessments are an objective, unbiased assessment of your entire cybersecurity program that includes self-assessments by your stakeholders and a comprehensive review by our experts. The resulting roadmap identifies deficiencies and guides discussions about your priorities and how to optimize your cybersecurity program.
Defend Against Threats
As a managed security services provider (MSSP), we use several methods to focus your company and employees around the importance of security. These are proven measures to actively engage your employees and company governances to prioritize daily behavior with cyber security in mind.
Managed Security Services
We deploy company-wide protocols to identify and disable incoming cyber attacks as part of our managed security services (MSS). If you are losing data or a system is at risk of going down, we can respond immediately.
As internal mistakes are increasingly responsible for data breaches, ongoing employee training can save you millions of dollars in safeguarding against cyber attacks. We deploy ‘’fake-phishing’’ campaigns to learn if your employees are following your procedures, and we will identify which employees may need more help understanding how to identify these threats. We also can work with you to create customized handbooks and policies for your organization.
Cyber Risk Assessments
Using the National Institute of Standards and Technology (NIST) model, we perform more formal cyber risk assessments to comply with your insurance carrier's requirements for cyber coverage.
Respond to Cyber Incidents
Unfortunately, without proper security, some cyber attacks are successful. When that happens, our teams are ready to deploy to minimize damages to your company’s systems and maximize safe data recovery.
As soon as a breach occurs, our incident response team can immediately go to work containing the problem, recovering data, and preserving records in the event of an insurance claim or lawsuit. Then we safeguard the computer systems, investigate the incident, and ensure the problem is eradicated. Additionally, we provide a post-event action plan that outlines recommendations for changes that should protect you from similar threats in the future.
In the event of a potential lawsuit, our expert staff of certified forensic examiners can collect, preserve, and analyze all digital evidence and artifacts to determine root cause. Our processes are documented with immaculate attention to detail to ensure your case and evidence is defensible in a court of law.
Penetration testing is an ethical attempt to infiltrate your company’s security systems to identify vulnerabilities and offer recommendations for additional protections as needed.
BOGUS TAX RETURNS AS RESULT OF EMAIL PHISHING
Protecting Cloud-Based Programs from Phishing Scams
An employee at a small CPA firm in Houston received an email asking for their Office365 credentials. The email appeared to be from Microsoft, so the employee provided his credentials using the link in the email. Soon after, he noticed emails would appear and disappear randomly along with strange and unexpected activity on other online accounts. He uses a cloud-hosted tax program and realized a random user account was created on the portal that was filing bogus tax returns.
Pathway Forensics reviewed the employee’s Office365 portal and enabled audit logging to check for malicious activity. Pathway’s cyber experts checked to see if there were forwarding rules set up on the employee’s mailboxes and worked to enable multi-factor authentication (MFA) on the accounts in Office365 for an additional layer of protection in addition to the new account password. We also worked directly with the cloud-hosted tax software company to enable MFA on the employee’s account as well as the account activity notifications that would alert him of new user accounts and changes to existing ones.
The CPA firm employee was able to stop the bogus tax returns from being deemed legitimate and now has multiple layers of authentication and alerts to help prevent future security incidents.
Multi-factor authentication setup and enablement
After-Hours Ransomware Infects All Network-Based Servers
Responding to Cyber Threats to Keep Business Running As Usual
A US-based industrial construction company experienced a severe after-hours network outage that crippled the entire business operations, including all email and computer network resources. The company’s internal IT department responded to the outage and quickly determined that all network-based servers had fallen victim to rapidly spreading ransomware, which also rendered the onsite backups inoperable.
The company employed Pathway Forensics engineers, who quickly responded to the attack, both physically onsite at the client’s offices and virtually through secure channels to a Security Operations Center. After immediately investigating and triaging the ransomware event, Pathway analysts and engineers went to work by first isolating the infected servers, then rerouting critical business applications and email traffic through an alternative secure network infrastructure.
The redirection of network and email traffic allowed the business to continue with primary operations while Pathway engineers restored the company data and rebuilt a much more resilient IT system and network infrastructure.
Title Company Falls Prey to Wire Transfer Fraud
Responding to Sophisticated Phishing Attacks
A title company – through its normal course of business – performs millions of dollars in financial transactions every year via wire transfers. After several transfers failed to reach the correct client, the company began to investigate the transfer process and learned that they had become a victim of fraud, with losses totaling more than $700,000.
Pathway Forensics was engaged to conduct the investigation and mitigate any digital threats that might still be lurking on the company network. During the investigation, our analysts quickly noticed that a broker’s email account had been compromised during a sophisticated phishing attack in which malicious actors set up forwarding rules to an unknown outside address. We also learned these actors would observe email activity within the company and wait for wire transfer instructions to be ordered. At that time, they would interject into the conversation – acting as the broker’s manager – and then change the transfer routing information and account.
Upon completing the investigation, Pathway remediated the forwarding rules and reviewed all other email configurations for indications of compromise. All effected employees’ accounts were reset and two-factor authentication was implemented as an additional layer of protection. We documented our findings in an official report that the client shared with law enforcement to begin an official criminal investigation.
TALK TO AN EXPERT
Our team of experts are here to answer any questions you have. Fill out the form and we’ll be in touch soon.