CASE STUDY – CYBERSECURITY BREACH

Case Description:

ANS Networking received a request for service from a local NH Police Department. The contact described strange email and network issues. It was determined that an on-site visit was necessary to troubleshoot the issue.

ANS responded to the inquiry with an on-site visit to examine the current issues and discuss Cybersecurity. After interviewing the on-site contact and examining the network, it was clear that a cybersecurity breach was in process.

Case Study - How Data Breach was resolved at a local police station
Malicious Virus and Malware

Determination:

 
ANS Networking determined that virus software was not installed on all computers. The virus software in use was not enterprise type virus software. The router/firewall had no security services enabled and various ports were open for unknown reasons.

Server logs did not indicate abnormal login activity. Remote access from the hacker was not apparent at the time. Some email accounts were not under the end user’s control. Emails were being sent to other departments within the town to propagate the virus payload. Private Facebook accounts were also compromised.

Process

Steps taken to determine the extent of the breach:
 

  • ANS Networking removed access to the internet on all devices.
  • Server and workstation logs were examined.
  • Router/Firewall logs were examined, and logging was increased to gather more intel.
  • We utilized packet scanning software to inspect traffic from all endpoints and servers.
  • Virus software was introduced to the network to isolate any malicious malware.
  • Reconfigured router/firewall until replacement could be installed.
  • Setup suspected devices on subnet to access the internet for further scrutiny.
  • ANS Networking worked with the FBI to send hard drives to forensics for further examination.

Findings:

The hacker used a Phishing email with an attached executable. An internal user clicked on the link and installed a keylogger with SMTP. The program copied all keystrokes and sent them to a predetermined email address.

Once the hacker gained access to the external email account, they utilized the account to send compromised email to other users within the Police Department. Other users were subsequently infected and the keylogger was noted on ten percent of the computers.

cybersecurity breached through phishing email

When was your last Cybersecurity Audit?

Get A Free Cybersecurity Audit

CONTACT US TODAY!

ANS experts will work with your company to provide a customized network security and management plan today.

 

Steps Taken to Resolve the Issue:

 

  • All hard drives were removed and sent to the FBI for analysis.
  • All other computers were reimaged and put back into production.
  • The servers were scrutinized and determined to be clean of any malware.
  • A new router was installed and configured with security services enabled.
  • Servers were hardened using best practices.
  • Virus software was installed on all systems.
  • Changed email providers and switched from POP accounts to cloud based hosted exchange.
  • Utilized two factor authentication where appropriate.
  • Deployed malware and DNS filter to mitigate Phishing attempts and malicious websites.
  • ANS Networking installed RMM (Remote Monitoring & Management) software.

Cybersecurity Services Results in NH, MA, and ME

 

Amy Lamparelli
I have been a client of A.N.S. Networking for more than 15 years. Brian is always incredibly responsive to any support requests. He also maintains our system remotely on a monthly basis to ensure that everything is running smoothly. Our network is strong and doesn't have any downtime. He is also is... always cognizant of keeping the costs down and not spending money where it isn't necessary. I would highly recommend working with A.N.S.read more
Oliver Brown
Brian has been an essential part in setting up my accounting practice. He walked me through the different options for equipment, network, data back-up and security, helping me to choose the most cost effective IT package, set everything up at my office, and now monitors and maintains everything... remotely. He is incredibly responsive whenever I have questions and I couldn't be happier with the service.read more
Bill Herman
A.N.S. Networking, Inc., has been the IT service provider to the last two work places I have been in over a span of 20 years. Our experience has been outstanding with service and support when it is needed. We have found they are usually ahead of the curve in terms of current issues and trends.... They have always delivered as promised, and are always available when needed. And perhaps most importantly, they will talk to you in common language so you can understand a technical issue and what options there may be for addressing them. As a municipal government, we have also found they are sensitive to our annual budgeting requirements and restrictions. We would highly recommend them for your consideration.read more
Sheila Macklin
Brian is extremely responsive to our company needs and can be reached at any time. Call back is within a few minutes of any request.
Monzite Corp
We have been working with Brian Chasse at ANS for over 3 years. Brian's attention to detail and efficient network engineering capabilities are excellent. He has also been helping us with our cyber security compliance which adds another level of depth to the services he offers. We feel fortunate... to have such a reliable partnership for all our technology needs.read more
Ed Viel
We've worked with Brian at ANS Networking to handle our IT needs for our offices in Rochester, Dover, and Alton for over 5 years. Brian is always responsive, listens to our concerns and finds solutions that fit our business (20 employees). A++ Service!
Lil Deeb
A.N.S Networking has been providing excellent IT support and services to the Auburn Police Department since 2015, following a cyber attack. From day one, Brian Chasse made APD data security and network management top notch and secure. He and his IT team are quick to respond to any questions or... issues we may experience. With remote monitoring and management, the protection is quality and trustworthy 24/7. A.N.S. Networking gets a 2 thumbs up by us.read more
Cyndi Puffer
ANS has been wonderful to work with. Brian and Evan have always responded to our calls in a timely manner. They are very knowledgeable and are always very professional. In the last couple of years we have opened two new locations and they did a walk through, ordered what we needed, set up... everything and then tested the computers, scanners, server and printers. Brian goes above and beyond. Even on the weekends, when the doctors needed some assistance, we called and in a matter of minutes we were set. I would highly recommend their services. ANS is the best!read more
Ginny Russell
A.N.S Networking has been providing our IT services for roughly 15 years. Their expert guidance has helped us to implement new point of sale software, two accounting systems and networks at new locations. They have learned our corporate culture and are sensitive to whether a project is cost or time... sensitive. They are always available via phone, email or text message - which is critical for an IT provider. Often they make me aware of potential issues so that we can fix them before they become a large problem. It is so nice to have a company I trust to handle not only the big projects but also small day to day tasks. I would recommend them to anyone. You will not be disappointed.read more
Scott Kinmond
As a Town Administrator of a small lakes region community I have has the pleasure of working with ANS Networking for the past 2+ years, and we have found Brian and his team to be very responsive to our computer networking needs. ANS Networking's contract services have meet all our expectations, and... he and his staff are current with todays technology and delivers it with the utmost professionalism and integrity.read more

Take the first step to protect your company and your client’s data.

CONTACT OUR IT CONSULTANTS TODAY