Challenge
A global Distribution & Logistics company had been notified by the FBI that the FIN7 hacking group was leveraging email addresses belonging to the client to send malware to the client’s supply chain. This compromise was found to include at least 150 accounts and was highly targeted. The Zyston Incident Response team was asked to triage and investigate an active incident. The Zyston Program Strategy team was also asked to assess opportunities for maturity and proactive mitigation strategies.
Solution
The Response team coordinated a global system patch and password reset, as well as a rapid rollout of multi-factor authentication. Activity was monitored using a temporary security information and event management (SIEM) system, and indicators of compromise steadily fell until all accounts had been reclaimed. Inboxes of compromised accounts were investigated, and client contacts were notified via formal communication.
Results
The client adopted several strategic improvements as a result of the findings from the Incident Response and Program Strategy teams. The incident was contained, and there was no confirmed impact to the client’s supply chain partners.