Case Study | Software Developer

A Malaysian Software Developer was hit by Ransomware and urgently needed a Solution to generate an Incident Response. See how Cybots delivered AI-driven Solutions on time and within budget.

Recent Software Developer Industry Intrusions

Fintech Cermati data breach points to urgency for data protection law: Experts – Jakarta Post

Data on almost 3 million users from fintech aggregator platform Cermati.com was leaked and sold online for US$2,200 on Oct. 28, as reported by cybersecurity researcher and consultant Teguh Aprianto via his Twitter account @secgron on Sunday. The leaked data includes names, addresses, bank accounts, emails, mother’s maiden names, tax numbers (NPWP) and passwords, he said.

The US is readying sanctions against Russia over the SolarWinds cyber attack – Business Insider

  • SolarWinds was the subject of a massive cybersecurity attack that spread to the company’s clients.
  • Major firms like Microsoft and top government agencies were attacked, and sensitive data was exposed.

Typical Targeted Vulnerabilities of Software Developers

Unintentional Insider Failures/Vulnerability

Staff may not fully appreciate cybersecurity risks and can unintentionally open gateways to hackers.

Supply Chain Risks

There is a real and present risk of penetration through vendors of systems and other supply chain providers.

Gaps in Technology

There may be a failure to secure gaps in a wide array of technology used by a Software Developer.

Gaps in Expertise

There may be gaps in expertise that leave vulnerabilities related to cyber intrusions of the host, or of its clients, uncovered. Software developers are sometimes a conduit for hackers to spread attacks to their clients.

What is valuable in Software Developers that causes them to be targeted?

  • Huge database of sensitive customer data.
  • Compromised software can be used as a backdoor to spread attacks to the company’s clients and penetrate unsuspecting victims.

Case Study – Malaysian Software Developer

A local Software Developer was hit by Ransomware and wanted to use Cybots Solutions to generate an Incident Response.

  • The Customer was looking for an incident response plan for identification and eradication.
  • The Customer was also looking for the provision of MDR services for 30 days.

Cybots generated an Incident Response Plan and provided MDR services for 30 days.

  • Cybots deployed our AI-enabled agents across 1,500+ machines in 8 days.
  • AI identified 7 infected machines, including 2 machines on which our AI agents were not installed.
  • The AI-enabled Incident Response Plan was generated in 1 day.

Implementation

Cybots was engaged to provide an Incident Response to a Ransomware intrusion. The environment included approximately 1,500 endpoints.

Cybots was also engaged to provide MDR services for 30 days.

The identification of infected machines from a pool of 1,500 endpoints was completed within 8 days. Thereafter, the Incident Response Plan was generated in 1 day. This was only possible with AI-enabled systems.

The deployment of AI-enabled Cybots Solutions reduced the time this task would normally take from 6 to 8 weeks to 9 days.

This highlights the speed and accuracy with which AI-driven solutions are able to pinpoint infected machines.

Key Takeaways/Conclusion

The engagement of Cybots yielded the desired outcome by:

  • Completing the identification of infected machines from a pool of 1,500 endpoints in a timely manner.
  • Providing MDR services for the stipulated amount of time.
  • Completing the engagement within the stipulated budget.