The cyber attack.
Our customer was attacked via a VPN (virtual private network) connection in the night from Thursday to Friday, with the monitoring system sounding an alarm and signalling irregularities in the IT infrastructure. Immediately, our Bechtle on-call service responded, shutting down all systems to stop the spread of the attack. In addition, we dispatched one of our engineers who physically went into the data centre and disconnected all connections. This quick and decisive response was crucial to prevent a possible data leak. To determine the origin of the attack, we worked with an external forensics specialist. In parallel, we contacted the managing director and IT manager of the affected company and set up a crisis team.
The crisis management.
Already on Friday morning, a conference call was held with all parties involved, where our team shared the first findings with everyone. At this point, the entire IT infrastructure of the customer was no longer available and it was not clear if and when the customer would be able to work with it again. By then, it became apparent that the attack had taken place via a VPN connection and that the infrastructure had been encrypted and the first-level backups had been deleted. Thanks to a multi-stage backup concept that we had previously developed and implemented together with the customer, the last stage was unaffected by the attack and thus a recovery was very likely. The fast and effective communication between Bechtle and the customer played a decisive role here. Through regular conferences, twice a day, we were able to discuss the current status of the work and determine the further course of action. It was important to design a step-by-step recovery process to ensure that no re-encryption took place. We worked closely with the forensics experts to isolate and clean up infected areas, identify potential vulnerabilities and prevent further attacks. So also to have clarity on whether data has been leaked or not. This information is important for the customer, as he is obliged under the DSGVO (General Data Protection Regulation) to make appropriate notifications in the event of a data loss.
The strengths of Bechtle Schweiz AG.
In this challenging crisis situation, our Bechtle team demonstrated a number of strengths that contributed significantly to successful crisis management:
1. Determined commitment from all involved.
Our teams were on duty around the clock, including evenings and weekends. All employees were highly motivated to support the client in the best possible way. Their commitment and expertise were crucial to the successful outcome of the cyber attack on our client.
2. Excellent cooperation with our partners.
In particular, the close cooperation with our external forensics partner proved to be extremely valuable. Together we were able to determine the cause of the attack and take appropriate countermeasures.
3. Effective communication.
Open and transparent communication both with the client and internally was crucial. Through regular conferences, we were able to keep everyone involved up to date and coordinate the further course of action.
4. Clearly defined processes.
Bechtle Schweiz has clear and well-established processes for dealing with cyber threats. These have been consistently adhered to in order to ensure a structured approach and minimise errors.
Conclusion.
The case of the VPN attack illustrates the constant threat of cyber attacks that companies face today. So too does the great vulnerability and dependency with regard to IT, which is literally no longer available from one day to the next. Through effective crisis management and close cooperation between our Bechtle team, the customer and our partners, we were able to prevent the loss of data with a high degree of probability and successfully recover the affected data. As a result, our customer was able to resume his work after a few days, at the level of the data before the attack. The incident underscores the importance of applying and complying with common security standards, a comprehensive backup concept, fast response times, and a standardised and coordinated approach in crisis situations.
Bechtle Schweiz: Your strong partner for managed IT and IT security.
The cyber attack on our customer makes it clear that companies today are more dependent than ever on a comprehensive IT security strategy. With "360° Managed IT", you transfer responsibility for individual tasks or the complete operation of your IT to our experts. With first-class support and many years of know-how, our team is at your side to protect your business-critical data and minimise the impact of cyber attacks.
With our strong IT security team, our customised solutions and our network of external partners, you are also armed against cyber-attacks. Protect your company against the dangers of the digital age and rely on the expertise of Bechtle Schweiz AG. Contact us today and let's secure your digital future together.