Extensive telemetry and intelligence for accelerated investigation and remediation.
Infrastructure Manufacturer Reclaims Control After Dual Ransomware Attacks
With potential financial, operational, and reputational consequences looming large, the client looked to Unit 42® to help protect operations and sensitive data.
The Client
A U.S.-based manufacturer of infrastructure equipment and materials
The Challenge
Dual ransomware attacks from Black Basta and LockBit crippled the operations of an infrastructure equipment manufacturer. The adversaries first exfiltrated sensitive data, then detonated ransomware that encrypted critical files within 24 hours. Unit 42 stepped in to help:
- Assess the scopes of the attacks and identify the initial access points and the extent of data exfiltration.
- Contain the threats by blocking ransomware indicators of compromise (IoCs) and initiate 24/7 threat monitoring.
- Eradicate the threat actors from the environment to prevent further lateral movement or damage and negotiate down the ransom demands.
Unit 42’s Rigorous Incident Response Approach for Superior Outcomes
Threat-Informed Incident Response
With Unit 42 Incident Response, stay ahead of threats and out of the news. Investigate, contain and recover from incidents faster and emerge stronger than ever before, backed by the full power of the world’s leading cybersecurity company. Contact us to gain peace of mind.
Backed by Industry’s Best
- Threat Intel
- Technology
Palo Alto Networks platform for in-depth visibility to find, contain and eliminate threats faster, with limited disruption.
- Experience
Trusted experts who mobilize quickly and act decisively in over 1K incidents per year.