Case Study

LoughTec Security Operations Centre Stops Cyber Attack on Agricultural Organisation

The Challenge

The UK-based Agricultural Organisation was a victim of a ProxyShell exploit on their email server. ProxyShell is the name of an attack that uses three chained email server vulnerabilities to perform unauthenticated, remote code execution. The client was in the middle of a migration to a cloud email server, so it was important to contain the processes and prevent the exploit from continuing to function.

"Had the SOC not been involved, it is impossible to tell how much of the company’s data would have been at risk. While both anti-virus and anti-malware solutions are useful in providing protection against known viruses and malware, they simply cannot thwart dedicated criminals leveraging newer attack methods such as ransomware and zero-day exploits."

The Outcome

The LoughTec Security Operations Centre (SOC) received an email from the customer about a Windows Defender alert on the email server. The SOC found a webshell and evidence of compromise on the machine in question. The customer was called and asked that the machine not be isolated. After identifying the exploit, the SOC recommended actions to finish cleaning up the server. The time between initial detection and response from the SOC was 0 minutes. The time between initial response and full resolution was less than one minute. The threat was stopped and prevented from moving laterally into other company systems.

Features

LoughTec’s Security Operations Centre provides 24/7/365 coverage so your organisation can focus on other priorities.

  • Stopping lateral spread before it occurs
  • Real-time detection and immediate response
  • Network visualisation, tradecraft detection and endpoint security in one
  • Quick and easy deployment


LoughTec support, protect and manage IT Infrastructure for organisations throughout the UK and RoI. We add value to our business relationships through our technical expertise, experience plus a strategic and hands-on approach to our managed IT services.
