IR Hotline Numbers:

+44 20 3318 1470
+60 154 877 0076
+61 2 7908 1745
+65 3165 8788
caution icon

Experienced a breach? Reach us now

company logo

Incident Response

Offering Value-added Services to a Mining Foundation

Offering Value-added Services to a Mining Foundation

The Background

The client is an Australian company specialising in the fabrication of customised products to Australian Standards. The incident was perpetrated with forged emails purporting to be from the client and displayed knowledge of existing email conversations between the client and its counterparties. Each attempt used fake email address(es) that appear legitimate to a casual observer and each exchange used intermediary third-party mail servers in other countries, and a technical attack on the targets DNS service.

The Client engaged Pragma to determine the root cause of the incident to help prevent its reoccurrence and to recommend and rectify.

The Process

Pragma proactively provided value-added service and conducted an Internal security assessment on the workstation to help identify security issues that may be present in the client's environment.

Based on the incident analysis, Pragma noted that fraudster was using phishing and carrying their attack from US, Malaysia and/or Australia. We inspected the very limited logs in Office 365 to determine if the fraudsters could be using accounts to read client's emails. We also inspected the security protection set against phishing and inquired about the security management surrounding Office 365.

The Result

During the internal investigation, Pragma detected and removed all malware and installed Sophos X Interceptor to prevent further issues. Pragma also found the internal Wifi Router Huawei, had the default password for the administrator. This was subsequently changed to a strong passphrase.

Tags:

Mining Foundation
Value-Added Services
Security Assessment
Incident Analysis
Phishing Attack
DNS Service Attack
Fraud Detection
Office 365 Security
Malware Removal
Wifi Router Security
Security Recommendations
Best Practices

Join the Pragma Community Today

Email


Solutions

Cyber Advisory

Technology Risk

Compliance, Conduct, and Regulatory Risk

IT Audit

Insights

Pragma Logo

Terms & conditions

Privacy Policy