Case Study | Software Developer
A Malaysian Software Developer was hit by Ransomware and urgently needed a Solution to generate an Incident Response. See how Cybots delivered AI-driven Solutions on time and within budget.
Recent Software Developer Industry Intrusions
Data on almost 3 million users from fintech aggregator platform Cermati.com was leaked and sold online for US$2,200 on Oct. 28, as reported by cybersecurity researcher and consultant Teguh Aprianto via his Twitter account @secgron on Sunday. The leaked data includes names, addresses, bank accounts, emails, mother’s maiden names, tax numbers (NPWP) and passwords, he said.
- SolarWinds was the subject of a massive cybersecurity attack that spread to the company’s clients.
- Major firms like Microsoft and top government agencies were attacked, and sensitive data was exposed.
Typical Targeted Vulnerabilities of Software Developers
Supply Chain Risks
There is a real and present risk of penetration through vendors of systems and other supply chain providers.
Unintentional Insider Failures/Vulnerability
Staff may not fully appreciate cybersecurity risks and can unintentionally open gateways to hackers.
Gaps in Expertise
There may be gaps in expertise that leave vulnerabilities related to cyber intrusions of the host, or its clients, uncovered. Software developers are sometimes a conduit for hackers to spread attacks to their clients.
Gaps in Technology
There may be a failure to secure gaps in a wide array of technology used by a Software Developer.
What is valuable in Software Developers that causes them to be targeted?
- Huge database of sensitive customer data.
- Compromised software can be used as a backdoor to spread attacks to the company’s clients and penetrate unsuspecting victims.
Case Study – Malaysian Software Developer
A local Software Developer was hit by Ransomware and wanted to use Cybots Solutions to generate an Incident Response.
- The Customer was looking for an incident response plan for identification and eradication.
- The Customer was also looking for the provision of MDR services for 30 days.
Cybots generated an Incident Response Plan and provided MDR services for 30 days.
- Cybots deployed our AI-enabled agents across 1,500+ machines in 8 days.
- AI identified 7 infected machines, including 2 machines on which our AI agents were not installed.
- The AI-enabled Incident Response Plan was generated in 1 day.
Cybots was engaged to provide an Incident Response to a Ransomware intrusion. The environment included approximately 1,500 endpoints.
Cybots was also engaged to provide MDR services for 30 days.
The identification of infected machines from a pool of 1,500 endpoints was completed within 8 days. Thereafter, the Incident Response Plan was generated in 1 day. This was only possible with AI-enabled systems.
The deployment of AI-enabled Cybots Solutions reduced the time for this task from the 6 to 8 weeks it would normally take to 9 days.
This highlights the speed and accuracy with which AI-driven solutions are able to pinpoint infected machines.
The engagement of Cybots yielded the desired outcome by:
- Completing the identification of infected machines from a pool of 1,500 endpoints in a timely manner.
- Providing MDR services for the stipulated amount of time.
- Completing the engagement within the stipulated budget.