金融服务机构阻止针对高级管理人员的攻击
公司规模
Large Corporate
产品
- DTEX
- ProofPoint
- Cylance Endpoint Detection and Response
技术栈
- Java
- Email Security
- Malware Detection
实施规模
- Enterprise-wide Deployment
技术
- 网络安全和隐私 - 端点安全
- 网络安全和隐私 - 网络安全
适用行业
- 金融与保险
适用功能
- 商业运营
用例
- 网络安全
- 欺诈识别
服务
- 网络安全服务
- 系统集成
关于客户
客户是一家拥有 10,000 多名员工的大型金融服务公司。该公司是针对公司高级职员的 Java 后门攻击的受害者。尽管部署了多种防病毒、端点检测和响应 (EDR) 和电子邮件安全工具,但攻击还是成功绕过了这些防御措施,并落入了高级职员的计算机。该恶意软件使用常见的管理命令,不会触发其他安全解决方案的警报。攻击是通过一封看似与运输有关的钓鱼电子邮件进行的,而这恰恰是高管所预料到的。该电子邮件包含一个恶意链接,指向一个受感染的土耳其网站,该网站下载了恶意软件。
挑战
一家拥有 10,000 多名员工的大型金融服务公司成为针对高级管理人员的 Java 后门攻击的目标。尽管安装了多种防病毒、端点检测和响应 (EDR) 和电子邮件安全工具,但攻击还是设法绕过了这些防御措施并落入了高管的计算机。该恶意软件使用常见的管理命令,不会触发其他安全解决方案的警报。如果没有 DTEX 提供的可见性,攻击将无法被发现,可能会导致数据盗窃、破坏、组织内部横向移动或更糟的情况。恶意软件通过一封看似与运输有关的钓鱼电子邮件发送,这是高管所预料到的。该电子邮件包含一个恶意链接,指向一个下载恶意软件的受感染土耳其网站。然后,恶意软件通过在桌面上创建一个新的临时文件夹并将所有相关文件移动到此位置来隐藏自身。它还在注册表目录中创建了一条新路径,在机器上建立了持久立足点,并采取了多项措施来枚举环境。
解决方案
DTEX 是唯一一款能够考虑场景背景并考虑到这些活动对于该特定用户而言高度可疑的解决方案。因此,它立即对这种潜在的恶意软件活动发出警报。在识别出最初的恶意软件后,客户的安全团队在其余用户环境中搜索了这些入侵指标,以确定是否有其他用户与类似主题的电子邮件或异常的 Java 相关活动实例进行过交互。借助 DTEX,这些搜索在几分钟内便在整个组织范围内完成。该公司立即决定清除并停用该设备。他们还可以快速确认此网络钓鱼电子邮件是针对该特定用户的有针对性攻击,不会影响任何其他用户,也不会在整个组织中横向传播。如果没有 DTEX,客户不仅永远无法发现这一重大威胁,而且他们还缺乏进行快速彻底调查的可见性和审计线索。
运营影响
数量效益
Case Study missing?
Start adding your own!
Register with your work email and create a new case study profile for your business.
相关案例.
Case Study
Real-time In-vehicle Monitoring
The telematic solution provides this vital premium-adjusting information. The solution also helps detect and deter vehicle or trailer theft – as soon as a theft occurs, monitoring personnel can alert the appropriate authorities, providing an exact location.“With more and more insurance companies and major fleet operators interested in monitoring driver behaviour on the grounds of road safety, efficient logistics and costs, the market for this type of device and associated e-business services is growing rapidly within Italy and the rest of Europe,” says Franco.“The insurance companies are especially interested in the pay-per-use and pay-as-you-drive applications while other organisations employ the technology for road user charging.”“One million vehicles in Italy currently carry such devices and forecasts indicate that the European market will increase tenfold by 2014.However, for our technology to work effectively, we needed a highly reliable wireless data network to carry the information between the vehicles and monitoring stations.”
Case Study
Safety First with Folksam
The competitiveness of the car insurance market is driving UBI growth as a means for insurance companies to differentiate their customer propositions as well as improving operational efficiency. An insurance model - usage-based insurance ("UBI") - offers possibilities for insurers to do more efficient market segmentation and accurate risk assessment and pricing. Insurers require an IoT solution for the purpose of data collection and performance analysis
Case Study
Smooth Transition to Energy Savings
The building was equipped with four end-of-life Trane water cooled chillers, located in the basement. Johnson Controls installed four York water cooled centrifugal chillers with unit mounted variable speed drives and a total installed cooling capacity of 6,8 MW. Each chiller has a capacity of 1,6 MW (variable to 1.9MW depending upon condenser water temperatures). Johnson Controls needed to design the equipment in such way that it would fit the dimensional constraints of the existing plant area and plant access route but also the specific performance requirements of the client. Morgan Stanley required the chiller plant to match the building load profile, turn down to match the low load requirement when needed and provide an improvement in the Energy Efficiency Ratio across the entire operating range. Other requirements were a reduction in the chiller noise level to improve the working environment in the plant room and a wide operating envelope coupled with intelligent controls to allow possible variation in both flow rate and temperature. The latter was needed to leverage increased capacity from a reduced number of machines during the different installation phases and allow future enhancement to a variable primary flow system.
Case Study
Automated Pallet Labeling Solution for SPR Packaging
SPR Packaging, an American supplier of packaging solutions, was in search of an automated pallet labeling solution that could meet their immediate and future needs. They aimed to equip their lines with automatic printer applicators, but also required a solution that could interface with their accounting software. The challenge was to find a system that could read a 2D code on pallets at the stretch wrapper, track the pallet, and flag any pallets with unread barcodes for inspection. The pallets could be single or double stacked, and the system needed to be able to differentiate between the two. SPR Packaging sought a system integrator with extensive experience in advanced printing and tracking solutions to provide a complete traceability system.
Case Study
Transforming insurance pricing while improving driver safety
The Internet of Things (IoT) is revolutionizing the car insurance industry on a scale not seen since the introduction of the car itself. For decades, premiums have been calculated using proxy-based risk assessment models and historical data. Today, a growing number of innovative companies such as Quebec-based Industrielle Alliance are moving to usage-based insurance (UBI) models, driven by the advancement of telematics technologies and smart tracking devices.
Case Study
Enhancing Security and Compliance in Remitly's Global Money Transfer Service with Fastly
Remitly, an online remittance service, was faced with the challenge of securing its proprietary global transfer network. The company needed a security solution that could meet PCI requirements and protect customers' sensitive transactions through its mobile application. The solution had to be capable of defending against new and emerging attack types without impacting performance. Remitly also had to deal with irregular traffic patterns, such as a sudden spike in account transfers from a small network segment on the Pacific coastline of South America. The company needed to determine in real time whether such traffic indicated an attack or valid requests. A traditional web application firewall (WAF) would not be able to distinguish this traffic, potentially leading to customer frustration if the IP was blacklisted.
