Tasks and Objectives
A private healthcare company from the US contacted us after patients complained that they were receiving a lot of phone calls, unsolicited emails and even letters from all sorts of companies offering health-related products and services.
Fast Lane Services and Solution
We conducted a forensic analysis, vulnerability assessments and penetration tests but could not find an obvious hole at first. Only after also scanning all client laptops and PCs were we able to find backdoors installed on numerous Windows machines. As the breach didn’t come through the corporate firewalls, we started investigating the mail server (Microsoft Exchange) and found that numerous employees had been targeted with a social engineering attack.
They had received emails which they thought had come from a line manager, but in fact those emails were spoofed and contained a link to a drive-by malware website. The malware was then installed just by visiting the website the link led to. Anti-virus didn’t catch it either, as the malware initiated a simple Java warning, which the users unfortunately clicked. After cleaning all laptops and removing all backdoors, we performed another full scan to ensure all loopholes had been patched.