Case Study

This customer reached out to us when they suffered considerable financial loss after falling victim to a spearphishing attack. 

Introduction

The attacker was able to gain access to the email platform and monitor the email flow and exfiltrate contacts of our customer. The attacker had been lurking in their Office 365 for months, reading emails and learning about their processes and partners. Once they had gained the required knowledge, they launched their simple but effective attack. Posing as one of our customer’s partners, they sent a spoof email requesting their bank account details to be changed and for funds to be transferred into the new account. The email was sent to the correct employee and was a good imitation of how the partner’s emails usually look. Acting as instructed, the employee changed the account details and transferred the funds.

It was a few days later when the catastrophic error was realised. By this time, the funds were transferred to international bank accounts. 

There was a combination of factors that contributed to this event happening:  

  • Firstly, the attacker was able to break into their network and read emails without being noticed by compromising employee usernames and passwords.
  • Secondly, the attacker gained unauthorised access to the employees’ email accounts as they did not have multi-factor authentication enabled.
  • Thirdly, the attacker exfiltrated the employees’ contact lists, selected the customer’s partner and created spoofed emails pretending to be the partner. The employee did not recognise the signs that it was a spoofed email.

Customer’s Challenges

  • Recover the financial loss
  • Gain visibility of their cyber security risk posture  
  • Gain assurance that attackers did not still have access to their business systems 

 

Simplify Security Support

  • Proactive and expert advice on fund recovery
  • Delivery of a comprehensive cyber security risk assessment at a business level
  • Execution of comprehensive internal and external network penetration testing
  • Delivery of a complete Microsoft Security Assessment
  • Completion of a compromise assessment to evaluate the customer security posture and determine if breaches were still actively occurring

The results

  • Customer recovered most of the funds 
  • Customer received a simple to understand risk assessment report with pragmatic recommendations and an improvement roadmap to implement additional security controls and improve their cyber security posture 
  • Customer received pragmatic and trusted advice and implementation support 
  • Customer gained assurance that there was no active breach occurring in their business network 
  • Customer obtained further visibility of the technical security gaps from the network penetration testing; both in an easy to understand language for business stakeholders and a technical report for the IT department 
  • Customer gained visibility of the gaps in Microsoft 365 with pragmatic recommendations and an improvement roadmap to implement additional security features 
  • Customer subscribed to one of our affordable monthly subscriptions: the security and compliance officer with 24×7 Managed Detection and Response and Threat Hunting expert service

Why Simplify Security?

Reliability you can trust

Let’s face it, Kiwis can be a bit laid back and that sometimes means companies not returning your calls, turning up on time or delivering on promises. Not us – we pride ourselves on reliability, dependability and integrity.

Skilled staff

We all know there is a skills shortage in cyber security. Forget the stress of recruitment and retention by leveraging our highly skilled professionals. Just look at their accreditations - they know their stuff.

Cost-effective services

Employing a full-time cyber security professional is not an affordable option for most SMBs. We offer competitive, affordable and flexible subscriptions with no long-term restrictive contracts.

Leading protection

Artificial Intelligence (AI) and automation are at our core. We use the power of AI to predict and protect against known and unknown threats, to keep your business and interests safe.
