This case study is part of a series from Starcom that delves under the hood of real British businesses to reveal the infrastructure and security vulnerabilities that pose credible continuity risk.
Addressing IT anxieties
Rapid changes to the cyberthreat landscape and an unforeseen shift in operational requirements caused concern for this manufacturer, who we shall keep anonymous. Keen to understand whether they had developed additional cybersecurity vulnerabilities during 2020, the manufacturer undertook a security audit with Starcom, which was completed entirely remotely but no less thoroughly than an on-site review.
Upon being granted access, our expert team remotely accessed the manufacturer’s systems to analyse and risk assess:
- Policies, taking into account remote access and evolving operating practices
- Accounts and passwords, including Active Directory
- Network, analysing for weaknesses to internal and external attacks
- Security software – its presence, scope and robustness
- Systems, including endpoints and patching status
- Backup and disaster recovery, especially focusing on whether provisions are fit for new risks stemming from disparate working environments
Cyber scares our audit discovered
Following the analysis, we meticulously reviewed results and calculated an accurate risk score by which the manufacturer could clearly see critical areas of vulnerability. To help rectify issues uncovered, we compiled findings into a comprehensive report complete with recommendations for procedures, infrastructure and software. In this case, our security audit found several critical and developing risks which included:
- Critical errors, including old operating systems unpatched for over 12 months, leaving a port wide open to the internet and to a subsequent cryptojacking attack
- Multiple suspicious and failed logon attempts to a server, originating from an unknown admin account
- Absence of password policies
- Multiple passwords leaked on the dark web
- Access to sensitive data for all users due to widespread admin account usage
- Antivirus software installed but not active on several machines
Working with internal teams, Starcom urgently resolved critical issues within a matter of days. We are now architecting a bespoke solution to ensure this manufacturer’s IT and operations are watertight against continuity risk into 2021 and beyond, and that their systems are optimised for resilience and flexible in the face of uncertainty.
Are you confident that you aren’t operating with similar blind spots and security lapses? For complete peace of mind and tailored recommendations from real data about your business, book a remote security audit with Starcom – click here to contact us or call +44 844 579 0800.