Stopping a Cyberattack: Managed Detection and Response In Action

By Jason Bloomberg

This is a true story. The targeted company wishes to remain anonymous – typical in instances of compromise – so we’ll call it Horizon.

With the help of a team of experts, Horizon was able to stop a determined attacker in its tracks. Here’s how they did it.

The Vulnerability

Horizon had signed up for the Managed Detection and Response (MDR) service from Open Systems – a fortuitous choice, as this story will show.

Unfortunately, Horizon’s deployment of Open Systems’ SD-WAN technology was not complete at the time of the attack. The company was in the process of rolling out Open Systems Network Detection and Response (NDR) technology, including SD-WAN, firewalls and secure web gateways, but the attacker found an entry point not yet protected by this technology.

The attack vector: a simple phishing attack, using a fake Google Chrome download alert (see the diagram below). The attacker cast a wide net with its social engineering, knowing that a single click on the alert’s install button would give the attacker entry to Horizon’s network.

Read the entire article here.

SHARE THIS: