Investigation and defense of hacking attacks, Incident Handling & Incident Response

If you notice that your company is currently being attacked, or you know about a recent attack, you need to know whether the attack was successful and, if so, how many servers were compromised and what damage has occurred.

When you notice attacks against critical infrastructure and business systems, it is important to remain calm and to thoroughly analyse the attacks in order to identify all the systems that may have been compromised and to estimate the damage caused. After the initial assessment, the attacks have to be stopped and all the exploited vulnerabilities need to be fixed.

To identify the damage, digital evidence should be preserved so that a thorough computer forensic analysis can be conducted to identify the attack vectors and the number of compromised servers. Covertly sniffing the network traffic might also give more information on the number of compromised servers and on the data that has been manipulated or leaked.

Once you have gathered enough information on the attack and the methods used, you should stop the attack, and all the exploited vulnerabilities need to be fixed or at least tightly monitored to mitigate the risk of new attacks until a fix can be provided.

We will help you with all steps of the incident response and incident handling. We will also gladly assist in creating emergency plans and IT security concepts.