Our goal is to defend the world’s digital assets

CASE 1:

ENGINEERING FIRM NOTPETYA ATTACK 2016

CHALLENGE
A global engineering firm and a new client of ACDS at the time, was also affected by the 2016 global NotPETYA attack.

Developed as a disk-wiping cyber weapon by the Russian military and helped along by a leaked version of the NSA’s EternalBlue hacking tool – which is the same exploit that powered the WannaCry ransomware outbreak, NotPetya’s target was businesses in Ukraine.

However, the attack soon spread out of control and affected millions of businesses worldwide. It quickly became renowned as one of the most destructive and prolific cyber attacks of the 21st century

SOLUTION
ACDS immediately delivered rapid incident response services to contain the ransomware’s spread within the client’s network and over 1000 endpoints.

Once the attack was contained, ACDS developed a data-recovery strategy while maintaining basic operations of the large firm in order continue functioning. The attack had severely compromised the client’s databases and digital assets, to the point that financial processes were halted due to the destruction of payment and supplier information.

During this time ACDS’ services offset a potential union strike and significant revenue losses by reconfiguring financial systems in order to keep the business afloat while the effects of the attack were mitigated.

RESULT
After several engagements with many suppliers, that had left the organisation in a non-functioning state, ACDS has rebuilt their systems from scratch within a week of being appointed of lead incident response team.

The technology, procedures and preventative mechanisms developed by ACDS were adopted by the parent organisation in the EU (which also suffered massive losses due to the attack) as a best practice solution to address events like these in future.

WHY IS THIS IMPORTANT?
Imagine your online banking profile is deleted along with your whole phone and computer’s memory – now imagine this happening to a multi-million dollar company. The client had been non-operational for a month – ACDS was deployed to assist with incident response and managed to rebuild the entire system in 1 week

ACDS worked day and night to resolve the attack while helping the client to function in order to prevent the company from potentially closing its doors

ACDS was lauded for the speed, ingenuity and complete dedication to help their client recover from one of the worst cyber attacks of all time.

DAMAGE CONTAINED
ACDS saved their client over $1.5-million in potentially lost revenue.
FACT
They invited ACDS to their Christmas Party and gave them a special award for their efforts. They loved it.

CASE 2:

WANNACRY WORM ATTACK ON BLUE CHIP ENTERPRISE – 2017

CHALLENGE
ACDS was on site when the CFO of a large blue-chip company’s machine indicated that it was compromised and soon after 20% of the company’s infrastructure had been shut-down by the infamous Wannacry worm, which targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in Bitcoin.
SOLUTION
ACDS immediately countered the attacks, which were coming from all over the world by deploying an early version of Intercept, our proprietary defence software in order to identify and remove the affected end-points from the environment in order to plan the recovery strategy.

The problem was initially addressed by deploying a vulnerability analysis to inspect all online machines for the MS17-010 vulnerability, and isolate those machines.

Subsequent global intelligence enabled ACDS to isolate the attack by cutting off the data centre from the business in order to implement recovery and retrieval protocols.

RESULT
No ransom was paid by the organisation and ACDS spent 4-days recalibrating systems in order for the business to continue functioning without revenue loss.
WHY IS THIS IMPORTANT?
The speed with which ACDS addressed the problem enabled us to minimise client damage and risk

Unique code and Intercept played a key role in identifying and neutralising the attack

ACDS’ connections and international network enabled a swift solution facilitated by information-sharing and global learning

DAMAGE CONTAINED
ACDS saved their client over $3-million in potentially lost revenue and the South African operations were the least affected in comparison to other global regions in which the client operates.
FACT
Within 24 hours, WannaCry had spread around the world, infecting more than 230,000 computer systems in 150 countries and costing approximately $4 billion in financial losses.

CASE 3:

GLOBAL EMAIL SECURITY PLATFORM – 2018

CHALLENGE
ACDS was enlisted to conduct penetration testing for a global email security platform in order to identify potential security vulnerabilities.

While conducting stringent checks, ACDS discovered that the email filters, which were being tested, did not flag any new domains. These either looked very similar to an existing domain (such as google.com), or did not flag them for the pure fact that they were considered new domains – which are often used in large-scale cyber attacks.

ACDS successfully used this vulnerability to send a crafted phishing email to an IT director within the client’s organisation. The director did not identify the email as a phishing attack, clicked on the link, which redirected them to a benign site that mimicked the client’s intranet. The site then prompted the client to enter a username and password and therefore posted the credentials to ACDS – completely bypassing the inefficient targeted threat protection in the email security system.

This vulnerability posed a significant security risk for both the email marketing company and the software they supply to others.

SOLUTION
ACDS documented and escalated the matter to the email security vendor in order to patch the vulnerability and prevent that specific kind of attack from ever taking place in future. ACDS was subsequently invited to test the new defence and to validate its efficacy.
RESULT
ACDS played a key role in identifying and patching a vulnerability, which if left open, could have affected millions of users and clients of the email security software causing billion dollar losses and massive reputational damage to the software company.
WHY IS THIS IMPORTANT?
ACDS pen-tests are of the ordinary – to beat criminals we need to think like they do.

ACDS is a global contributor of cyber security best practices to global firms

ACDS identified a vulnerability that could have cost the company and its users billions in revenue and other damages

DAMAGE CONTAINED
Unquantified
FACT
Nearly one-third of all data breaches in 2018 involved phishing

WE ARE HERE TO HELP.

Is every device, user account across your network secure right now?
Contact ACDS for always-on cyber defenses that go further and faster.

South Africa Office

AMR Building 3, Concorde Rd E, Bedfordview, 2008

Call

087 073 9370

Email

Info@ACDS.email