The Battleground:

A Local Private Company

The Presumption:

Employees are trained on malware and associated risks in tandem with knowing and practicing procedures for recognizing, removing, and reporting a malware incident. Employees actively run antivirus and malware software and company equipment that had been taken out of the company's network is being scanned.

The Discovery:

Company equipment was infected by malware unknowingly download by the employee while off-network. When the employee reconnected the device to the company's network, the malware then spread throughout the network and infected a number of other connected devices.

The company was promptly notified when alarms were coming in from the IP addresses of the infected devices. The entire network was taken down and the infected devices were cleaned.

Our Solution:

Expressing to employees of your company the importance of running scans daily on a company device to prevent contamination and spread of malware and viruses. 

Lessons Learned:

Knowing and understanding the seriousness of malware and how to effectively handle the varying types, employees can spot and prevent similar situations from occurring through the provision of proper training, procedures and tools.