A device on their network began pinging an IP address that CI Security knew to be up to no good.
The company had recently signed up with CI Security for MDR (Managed Detection Response) and a CI Security analyst caught the traffic headed to the “bad reputation” IP.
The analyst alerted the healthcare company immediately.
The company did a scan of the device and did not find any problems. But, because of the CI Security warning, they did a second scan with a different piece of software and found the malware.
"We can catch and help isolate infected devices quickly when your preventative controls fail,” said Mike Simon, CI Security’s Chief Technology Officer.
“We don’t know how the device got infected, but that’s the point since prevention is never perfect. All it takes is one bad document or one problematic USB stick. We can catch and help isolate infected devices quickly when your preventative controls fail.”
CTO at CI Security