Cyber Security Solution Case Study: Local School Faces Cyber Attack
Veteran Security team resolves the crisis and eliminates potential risks
Every website, intranet or server owner might become the victim of ransomware if the systems are not thoroughly secured. A secondary school reached out to UD seeking for a solution after its internal server was hacked due to ransomware. The hacker not only succeeded in gaining control of the server, but also exposed the personal data of parents and students, causing an information security crisis.
Client Background
Industry
Eductaion
Challenge
- Although the server was protected by various security settings, the anti-virus software was not up to date, which created security loopholes and allowed the hacker to take advantage of it.
- The school has lacked information security personnel and resources for professional monitoring and regular inspections of the servers. The security issue has been neglected for a long period of time.
UD Solution
- Recovered the data that has been removed by hackers.
- Performed Root Cause Analysis. During the process, UDomain’s in-house penetration tester team simulated how the hacker invaded the system, thus found out the root loophole. We provided a report with detailed patching suggestions, which allowed the school to fully understand the situation and resolved the issues.
- Perform follow-up retests, penetration testing for the web system, which includes vulnerability scanning and manual testing, to eliminate all vulnerabilities.
- Further managed the security settings to ensure that the system has sufficient defense configuration to resist hacker intrusion.
Achievement
Uncovered all vulnerabilities and ensure comprehensive data security
Strengthened encryption of personal information
Offered report and advice to help improve security awareness and resources allocation
3 Keys to Success
-
1. Professional team, multi-pronged approach
With years of experience, UDomain is fully aware of the acuteness and potential risks of security incidents. After learning the situation, UDomain professional team swiftly took over the crisis management with a series of investigation and testing, so as to detect fundamental vulnerabilities while dealing with the emergency situation. With this arrangement, the security crisis was resolved within a short period of time.
-
2. Comprehensive Penetration Test
Different from the programmed vulnerability scanning in the market, UDomain's penetration test combines the manual testing of vulnerabilities on the basis of the vulnerability scanning, comprehensive detection, detailed scanning reports, improvement plans and suggestions are also offered.
-
3. Tailor-made solution with appropriate suggestions
Taking the actual situation of the school into account, once the penetration test was completed, the cyber security analyst also provided targeted security recommendations during the briefing session, such as regularly updating the security software and checking the server settings. With our professional advice, the school has made corresponding arrangements for their website and system, while increasing the security awareness of their IT department.
