Case Study | Software Developer
A Malaysian Software Developer was hit by Ransomware and urgently needed a Solution to generate an Incident Response. See how Cybots delivered AI-driven Solutions on time and within budget.
Recent Software Developer Industry Intrusions
Data on almost 3 million users from fintech aggregator platform Cermati.com was leaked and sold online for US$2,200 on Oct. 28, as reported by cybersecurity researcher and consultant Teguh Aprianto via his Twitter account @secgron on Sunday. The leaked data includes names, addresses, bank accounts, emails, mother’s maiden names, tax numbers (NPWP) and passwords, he said.
- SolarWinds was the subject of a massive cybersecurity attack that spread to the company’s clients.
- Major firms like Microsoft and top government agencies were attacked, and sensitive data was exposed.
Typical Targeted Vulnerabilities of Software Developers
Unintentional Insider Failures/Vulnerability
Staff may not fully appreciate cybersecurity risks and can unintentionally open gateways to hackers.
Supply Chain Risks
There is a real and present risk of penetration through vendors of systems and other supply chain providers.
Gaps in Technology
There may be a failure to secure gaps in a wide array of technology used by a Software Developer.
Gaps in Expertise
There may be gaps in expertise that leave vulnerabilities related to cyber intrusions of the host, or of its clients, uncovered. Software developers are sometimes a conduit for hackers to spread attacks to their clients.
What is valuable in Software Developers that causes them to be targeted?
- Huge database of sensitive customer data.
- Compromised software can be used as a backdoor to spread attacks to the company’s clients and penetrate unsuspecting victims.
Case Study – Malaysian Software Developer
A local Software Developer was hit by Ransomware and wanted to use Cybots Solutions to generate an Incident Response.
- The Customer was looking for an incident response plan for identification and eradication.
- The Customer was also looking for the provision of MDR services for 30 days.
Cybots generated an Incident Response Plan and provided MDR services for 30 days.
- Cybots deployed our AI-enabled agents across 1,500+ machines in 8 days.
- AI identified 7 infected machines, including 2 machines on which our AI agents were not installed.
- The AI-enabled Incident Response Plan was generated in 1 day.
Cybots was engaged to provide an Incident Response to a Ransomware intrusion. The environment included approximately 1,500 endpoints.
Cybots was also engaged to provide MDR services for 30 days.
The identification of infected machines from a pool of 1,500 endpoints was completed within 8 days. Thereafter, the Incident Response Plan was generated in 1 day. This was only possible with AI-enabled systems.
The deployment of AI-enabled Cybots Solutions reduced the time this task would normally take from 6 to 8 weeks to 9 days.
This highlights the speed and accuracy with which AI-driven solutions are able to pinpoint infected machines.
The engagement of Cybots yielded the desired outcome by:
- Completing the identification of infected machines from a pool of 1,500 endpoints in a timely manner.
- Providing MDR services for the stipulated amount of time.
- Completing the engagement within the stipulated budget.