Client Stories

Construction Materials Provider

When your business relies on technology, a cyber-attack resulting in data damage, loss or ransom can threaten everything. Investment in resilient network infrastructure, data backup and disaster recovery planning play significant roles in reducing the impact. 

When Microsoft announced a zero-day exploit affecting on-premises servers and being actively targeted, we were quick to act. We proactively began investigations and made immediate contact with our client, a construction materials provider. Our previously agreed robust disaster recovery plan permitted a quick and effective response.

Construction materials provider IT case study

Flex-IT approach

  • Project

    Minimising impact and restoring operations following a cyber-attack.

  • Timeframe

    All major servers and end-points were available in 3 days, except the Exchange Server, which took 10 days.

    • Firstly, we were able to contain the exploit, so it couldn’t trigger or infect other systems. Efforts then turned to data recovery. With our secure Backup-as-a-Service solution, file recovery was straightforward.

    Email continuity had been set up to provide secure email protection. This solution meant that the company had email availability throughout. This maintained communication channels with clients, colleagues and other parties.

    Conclusion

    Disaster recovery planning, resilient infrastructure and a quick response to the security alert minimised the impact of a major cyber-attack. Our client was able to resume business as usual in days. The same issue caused the parent company (not managed by Flex IT) to be out for 3-4 weeks.

Services included

    • Contacting our client and starting work within minutes of being informed
    • Checking the Exchange Server for indicators of compromise following Microsoft’s guidance
    • Patching the Exchange Server when evidence indicated the exploit was present
    • Isolated all systems on the network
    • Checking all Servers & end-points for any sign of Malware and/or Virus infestation.
    • Making Operational and Data Servers, as well as Endpoints, available
    • Rebuilding the Operating System from scratch, with the most up to date security patches; the cleanest and quickest way to deal with the affected Exchange Server
    • Reinstalling the Exchange and all updates as required
    • Restoring the Exchange Server Database from the unaffected Replica Server and making it live to users
    • Fetching email from the continuity platform

Project statistics

100% Customer satisfaction
98% 1st response SLA met

Download our brochure