MEDIUM-SIZED CONSTRUCTION FIRM | INCIDENT RESPONSE TO A BUSINESS EMAIL COMPROMISE
A commercial construction firm engaged DarkTower to conduct a forensic investigation after a Business Email Compromise (BEC).
SITUATION
The client recently experienced a Business Email Compromise, which resulted in a initial loss of more than $500,000.
SOLUTION
DarkTower conducted a forensic investigation of the network for evidence of the source of the compromise.
The forensic data review and analysis engagement included:
Gathering all data from Office 365 tenant
Identifying and researching data exfiltration
Reviewing and reporting on user connections and data transmittal
Identifying and reporting on any existing malware
Thorough forensic review of email history, identifying compromises and unusual user activity
An investigation focused on malicious activity and final reports included:
Audit trails
System access reports
Chain of custody reports
Copies of all forensic evidence
RESULTS
DarkTower successfully located the point of compromise, allowing the client to address the vulnerabilities and mitigate against future attacks. Due to the forensic investigation findings, the client also successfully reclaimed all financial losses as a result of the BEC attack.
Client successfully launched their application after implementing recommendations from our comprehensive vulnerability assessments.
READY TO GET STARTED?
READY TO GET STARTED?
STRENGTHEN YOUR DEFENSE
STRENGTHEN YOUR DEFENSE
Whether you need expertise in targeted intelligence, financial crime, cybersecurity, or need cyber talent to build your team of defenders, DarkTower is dedicated to helping you achieve your cybersecurity goals.