Multiple Compromises Detected and Mitigated by Synoptek’s Security Team
IRVINE, CA – July 20, 2017 – Synoptek, a global award-winning Managed IT Services Provider (MSP) and cloud-services firm, and Darktrace, the leader in Enterprise Immune System technology, have today announced the successful detection and remediation of a large-scale malware infection in a leading financial institution’s network.
Due to the sensitive nature of their data and the stringent regulatory environment within which they operate, financial institutions are consistently targeted by threat actors. In addition, this particular organization lacked a dedicated and robust security team. To meet these challenges, the financial institution partnered with Synoptek to deploy and manage Darktrace’s Enterprise Immune System to detect and defend against pernicious cyber-threats. The financial institution also leverages Synoptek’s security team to assist with threat investigation and analysis.
A few weeks after deploying Darktrace’s self-learning technology, the AI algorithms alerted Synoptek’s security team to a serious anomaly in its network. Eight VoIP devices were spotted reaching out for new databases which contained the ShellShock vulnerability, a form of malware predominantly associated with DDoS attacks that performs stealthy scans of the network. The unpatched devices were managed by a third-party service provider who failed to maintain the appropriate patch levels.
As a result, the internet-connected phones had been compromised and brought into the fold of a large and sophisticated botnet army. Thanks to the complete visibility into the financial institution’s network enabled by Darktrace’s AI technology, Synoptek was able to identify more than 60 other devices that were vulnerable to compromise. The Enterprise Immune System uncovered the emerging threat within minutes. Once the attack had been identified and neutralized, the customer was able to rely on Synoptek’s expertise to remediate the impacted devices. Additionally, Synoptek helped the customer craft new security policies that third party service providers must adhere to when providing services containing IoT devices to the company.
“Financial services organizations remain a top target for sophisticated cyber attacks, but some of these firms often do not have the resources and processes to detect anomalies within their networks,” commented Tim Britt, CEO, Synoptek. “Synoptek and Darktrace, which provides a truly game-changing AI technology, have partnered to provide continuous operational processes that leverage a great technology to improve IT security operations and achieve a more mature Cybersecurity strategy.”
“Across our 2,500 deployments, we spot and stop malicious infections every day,” commented Justin Fier, Director of Cyber Intelligence and Analytics, Darktrace. “Without the company’s use of Darktrace’s AI technology, it would lack even the basic visibility required for identifying this insidious threat, as it was emerging. Our partnership with Synoptek’s invaluable MSP program has allowed for companies that lack a robust security team to efficiently identify and investigate serious in-progress cyber-threats before they can do real damage.”
About Darktrace
Darktrace is the world’s leading machine learning company for Cybersecurity. Created by mathematicians from the University of Cambridge, the Enterprise Immune System uses AI algorithms to automatically detect and take action against cyber-threats within all types of networks, including physical, cloud and virtualized networks, as well as IoT and industrial control systems. A self-configuring platform, Darktrace requires no prior set-up, identifying advanced threats in real time, including zero-days, insiders and stealthy, silent attackers. Headquartered in San Francisco and Cambridge, UK, Darktrace has 24 offices worldwide.
About Synoptek
Synoptek offers IT consulting, managed services, cloud services, and on-premise IT management as well as 24/7 end user support for improving business results. With over 525 employees and more than 2,000 active customers in the United States and abroad, Synoptek provides comprehensive information technology management services and support. Synoptek leverages ITIL service management processes, customer-focused IT architecture, and operational excellence to deliver uninterrupted services demanded by today’s market. Over the past four years, Synoptek has been consistently recognized for thought leadership and growth as confirmed by industry awards and recognition including a #4 Total-Service-Provider by MSPmentor in the World’s Top Managed Service Providers in 2016, CRN’s Elite 150 Managed Service Providers, and recognition on the Talkin’ Cloud Top 100 Cloud Service Providers list for 2014, 2015, and 2016. For more information, visit www.synoptek.com .
Learn More About Synoptek’s Managed IT Security Services: