| The Background |
|---|
| A recently signed up member to Police CyberAlarm (PCA) – a school academy – had initially been notified by the PCA team via its local cyber protect officer, that it was potentially open to a serious Microsoft vulnerability. The notification was issued upon identifying a key indicator of compromise (IOC) associated with the Microsoft vulnerability on the member’s logs. A few days later, the academy contacted PCA to report it had now fallen victim to a debilitating cyber-attack. The academy was prevented from accessing its own data and the cyber-criminal attempted to cover its tracks by resetting user account passwords and deleting access log files. Thanks to being a PCA member, all suspicious activity on the academy’s firewall was logged by PCA, including when and where the attack had occurred, as well as the source of the attack. |
| The Outcome |
|
This gave the police the forensic evidence of the events leading up to and during the attack on the member’s internet gateway. This meant that a detailed picture of what happened could be shared with the member, and based on this information, the organisation could restore its systems, mitigate the effects of the attack and better protect itself from future threats. The academy trust now has all its schools signed up to Police CyberAlarm as parts of its Risk Protection Arrangement with the Department for Education. |
This website stores data such as cookies to enable site functionality, more details can be found in our Privacy Policy and our Cookie Policy. By using this website, you agree to allow us to handle your data as set out in these policies.