Manufacturing (Asset Management)

Case Study

MANUFACTURING
(ASSET MANAGEMENT / SECURITY COVERAGE)

ISSUE: Ransomware; Insufficient Security Solutions; No Benchmark Behavior 

SOLUTION: UncommonX technology detected that rogue devices were on the client's network. The UncommonX SOC team were able to contain the issue and help deploy additional security solutions to prevent future attacks.

TAKEAWAY: Unmanaged and bring-your-own devices pose a huge threat to an organization's network. UncommonX can help put the right security measures in place and its software can prevent future attacks.

The Challenge:

  • A manufacturing organization that operates multiple warehouses and plants across the United States 
    suffered a ransomware attack that shut down multiple facilities.
  • Despite having various security solutions across the environment, they had no way of knowing:
    • A complete inventory of what devices and applications were on their network.
    • What role the devices were playing.
    • What a baseline “normal” behavior was.

The Solution:

  • UncommonX technology was deployed to provide a complete inventory of all devices on the client network
  • UncommonX detected that rogue devices were on the client's network and were being accessed by an unknown entity.
  • The client did not have the security solutions necessary to prevent these types of attacks.
  • The UncommonX SOC team contained the issue and worked with the manufacturer to
    • Identify every device on the network.
    • Understand what applications were installed.
    • Assist in deploying the applicable security solutions to the devices as needed.

The Results:

  • The manufacturer did not pay the ransom and was able to recover from the attack.
  • The UncommonX technology, in place now, alerts the collective teams when devices are added to the network.
  • The client can properly protect all its assets and ensure its ability to produce its products.

Takeaways:

  • More than 80% of all compromises we observed originate from such unmanaged devices.
  • Per Microsoft, these attacks are also notable for how they attempt to gain access to unmanaged or bring-your-own devices.
  • Ransomware operators are increasingly exploiting vulnerabilities in less common software, making it more difficult to predict and defend against attacks.
  • Many organizations simply don’t know what is on their networks, what role devices are acting as and a way to quickly identify rogue devices to prevent attacks like this from happening. That's where UncommonX can help!