Agile and Efficient Security Investigation of Cyber Attack
A leading global retailer with a worldwide presence, listed on the Hong Kong Stock Exchange since 1992. Headquartered in Hong Kong, it achieved sales turnover of more than US$1 billion in 2018.
What brings them to MXC
While evaluating Security Information and Event Management (SIEM) as part of transforming their traditional global retail business into a digital, supply-chain-oriented business model, they suffered a zero-day attack that impacted their network performance, with no vaccine available from any of their existing security vendors (IPS, anti-virus and endpoint software).
Challenges
- Lack of internal resources and domain knowledge for handling and managing current cybersecurity incidents
- A complex multi-country, multi-company network and system structure, with a few recent mergers and acquisitions
- Most of their security partners are either product experts or system integrators, without much experience in security incident response and analysis
Results
The Maximus, or MXC, Managed Security Team was appointed immediately as their Security Consultant, purely for the current security investigation.
By leveraging one of the Security Information and Event Management (SIEM) products already installed (only as a proof of concept), our security consultants identified both the root causes and the attack paths, so that their security vendors could reproduce the problem and create the signature to remediate the attack within 3 days.
MXC created a security dashboard and real-time security monitoring to replace their self-developed, script-based security monitoring for the current situation.
For the first time, their security team identified security problems that the organization didn't know existed (a good lesson that a product is never the lifesaver in today's digital economy).
A better understanding of their strengths (blue team) within the current environment