Case Study

This customer reached out to us when they suffered considerable financial loss after falling victim to a spearphishing attack. 

Our Partners

Introduction

The attacker was able to gain access to the email platform and monitor the email flow and exfiltrate contacts of our customer. The attacker had been lurking in their Office 365 for months, reading emails and learning about their processes and partners. Once they had gained the required knowledge, they launched their simple but effective attack. Posing as one of our customer’s partners, they sent a spoof email requesting their bank account details to be changed and for funds to be transferred into the new account. The email was sent to the correct employee and was a good imitation of how the partner’s emails usually look. Acting as instructed, the employee changed the account details and transferred the funds.

It was a few days later when the catastrophic error was realised. By this time, the funds were transferred to international bank accounts. 

There was a combination of factors that contributed to this event happening:  

  • Firstly, the attacker was able to break into their network and read emails without being noticed by compromising employeeusernames and passwords.  
  • Secondly, the attacker gained unauthorised access to the employees email accounts as they did not have multi-factor authentication enabled. 
  • Thirdly, the attacker exfiltrated the employees contact listsselected the customer’s partner and created spoofed emails pretending to be the partner The employee did not recognise the signs that it was a spoofed email. 

Customer’s Challenges

  • Recover the financial loss
  • Gain visibility of their cyber security risk posture  
  • Gain assurance that attackers did not still have access to their business systems 

 

Simplify Security Support

  • Proactive and expert advice on fund recovery
  • Delivery of a comprehensive cyber security risk assessment at a business level
  • Execution of comprehensive internal and external network penetration testing
  • Delivery of a complete Microsoft Security Assessment
  • Completion of a compromise assessment to evaluate the customer security posture and determine if breaches were still actively occurring

The results

  • Customer recovered most of the funds 
  • Customer received a simple to understand risk assessment report with pragmatic recommendations and an improvement roadmap to implement additional security controls and improve their cyber security posture 
  • Customer received pragmatic and trusted advice and implementation support 
  • Customer gained assurance that there was no active breach occurring in their business network 
  • Customer obtained further visibility of the technical security gaps from the network penetration testing; both in an easy to understand language for business stakeholders and a technical report for the IT department 
  • Customer gained visibility of the gaps in Microsoft 365 with pragmatic recommendations and an improvement roadmap to implement additional security features 
  • Customer subscribed to one of our affordable monthly subscriptions-the security and compliance officer with 24×7 Managed Detection and Response and Threat Hunting expert service 

Why Simplify Security?

Reliability you can trust

Let’s face it, Kiwis can be a bit laid back and that sometimes means companies not returning your calls, turning up on time or delivering on promises. Not us – we pride ourselves on reliability, dependability and integrity.

Skilled staff

We all know there is a skills shortage in cyber security. Forget the stress of recruitment and retention by leveraging our highly skilled professionals. Just look at their accreditations - they know their stuff.

Cost-effective services

Employing a full time cyber security professional is not an affordable option for most SMBs. We offer competitive, affordablele and flexible subscriptions with no long term restrictive contracts.

Leading protection

Artificial Intelligence (AI) and automation are at our core. We use the power of AI to predict and protect against known and unknown threats, to keep your business and interests safe.

Blog

 

What is phishing and how to stop it

What is phishing and how to stop it

What’s phishing? Malicious emails that look genuine and try to trick you into providing data, spreading malware, or paying money. What are the risks? Phishing has led to massive financial losses, malware infections, and data breaches. How to stop phishing 41% IT and...

Checklist: How to stop ransomware

Checklist: How to stop ransomware

Ransomware continues to be one of the top cyber threats facing businesses, with 30% admitting to having fallen victim in the past. It is therefore critical that you have advanced protection capabilities in place to keep your business secure.  Here is a checklist put...

How to prepare an Incident Response Plan

How to prepare an Incident Response Plan

In the security world we say that there are 2 types of businesses; those who’ve suffered a cyber attack and those who are yet to suffer one.  The point here is to be prepared as cyber attacks are an unfortunate reality of today’s business landscape.  So how do you...

0/5 (0 Reviews)
0/5 (0 Reviews)