Under attack
In response to a significant and sustained cyber-attack, our company approached the NCSC to request support with the management of the investigation.
“The initial engagement consisted of information sharing, triaging and establishing a cadence for future meetings. This quickly evolved into a strong and beneficial partnership, based on mutual trust, transparency and a spirit of collective responsibility.”
Strengthening the defence
After appointing Cyber Incident Response (CIR) accredited suppliers and having further discussions with the NCSC’s Incident Management team, an introduction was made to Law Enforcement partners.
“This invoked a stream of investigative activity which not only served to stabilise a volatile and uncertain situation, but materially improved our understanding of the threat actor’s motives and intent.
“As a result, the company’s Executive Team were able to take appropriate risk-based decisions from a highly informed perspective, thereby minimising the impact of the attacker’s presence on the company’s operations.”
The NCSC’s role
“From a technical perspective, the NCSC’s Incident Response team provided significant support throughout the full investigative lifecycle.
“Operating as a central co-ordination unit, the team offered ongoing recommendations and guidance, ensuring that our continuity arrangements, eradication approach, evidence gathering, and cyber uplift activities were harmonised, prioritised and correctly orchestrated.”
Communicating with the public
A highly effective relationship was also built between communications team at our organisation, the NCSC and law enforcement. This ensured that consistent messaging was agreed and published in response to media speculation and enquiries from interested third parties.
“It also strengthened the assurances provided to our existing client base and perception of the partnership between the NCSC and the company to fully respond to the cyber-attack.”
“We owe a debt of gratitude”
“The overriding theme of the engagement was one of support, reassurance and effective team working.
“The professionalism, commitment and knowledge of the NCSC and Law Enforcement teams was exemplary throughout the incident.
“We owe a debt of gratitude to all those involved, who helped the company ensure critical operations continued to be provided to our customers during the incident and wider COVID-19 pandemic.”