news
HOW AN ASSESSMENT OF IT SYSTEMS CAN PROTECT YOUR BUSINESS
After having seen which assessments should be performed periodically on IT systems to identify the problems exploited by cyber criminals, let’s see instead how one of these checks allowed a company to save itself from a series of threats it did not know.
Our customer, with over 100 locations and stores around the world, had reports on their systems vulnerabilities.
In a company of this size, however, there are countless systems that could be affected by problems, not only servers, but also employees’ PCs, mobile devices, network devices, printers, etc.
It is not easy, therefore, in the presence of such a complex and constantly evolving architecture, to be able to highlight the critical issues.
Our task every year was to carefully analyze the last report, identify the most serious vulnerabilities and, subsequently, carry out a Penetration Test on these, or a verification of how they could have been actively exploited by a cyber criminal to violate the company’s systems.
We also added some extra assessments such as verifying the company’s Social profiles, a phishing or Social Engineering test.
Certainly, a complex and ambitious project, carried out regularly starting 10 years ago, when such activities were not widespread at all, but which allowed the company to avoid various problems, to implement new countermeasures and to verify thir improvements over time.
So much work, but also great satisfaction.
For example, when we checked Social profiles, we came across a fake customer care from the company offering customer support.
The criminals intercepted the comments of customers who needed support directly from the official company page, then diverted them to a fake profile.
In addition to the damage to customers, the situation presented clear risks to the brand’s online reputation.
Our prompt identification of the problem has certainly averted the worst scenario.
On another occasion, we identified instead a malicious websites that, using domains similar to our customer’s one, were selling counterfeit products.
With a thorough research we were able to find several sites of this type, one of which, of Chinese origin, was selling fake products from the new collection.
The customer had developed the design months before, but the collection, intended for sale only later, had not yet completed the production phase.
The Chinese fake site, on the other hand, was already selling the products well in advance, a clear indicator that the company’s servers had been hacked to steal the collection design.
Thanks to our business, the customer has therefore obtained two advantages.
- First, he was able to file a complaint with the relevant authorities, making sure that the malicious site was closed.
- It also carried out a thorough investigation of its systems to assess how and when the attack occurred.
With this information it was possible to reassess the company’s cyber defenses, updating them in light of the violation suffered.
Ultimately, systems assessments allow companies to uncover issues that could be exploited maliciously.
But it is also often possible to identify indicators of cyber attacks that have already occurred, mitigating their effects and preventing further damage.
Definitely a major benefit!
Latest news
HACKS OF TODAY 26/04/2024
Today's HOT includes 19 victims by the notorious Rhysida, Everest, RansomHouse, DarkVault, RansomHub, Medusa, Hunters International, Cactus and dAn0n gangs. The average Cyber Risk Factor is 4.2. Read...
Read MoreHACKS OF TODAY 25/04/2024
Today's HOT includes 8 ransomware victims by the notorious RansomHub, Hunters International, Black Suit, Qiulong, DarkVault, RansomHouse, Qilin and MyData gangs. The average Cyber Risk Factor is 4.0....
Read MoreHACKS OF TODAY 24/04/2024
Today's HOT includes 10 ransomware victims by the notorious RansomHouse, Black Suit, Rhysida, BianLian, RansomHub, BlackBasta, Eraleig and Qiulong gangs. The average Cyber Risk Factor is 4.4. Read...
Read More