An engineering consulting firm experienced a ransomware attack after threat actors compromised one of its servers and a computer that didn’t have multi-factor authentication enabled. After reporting the matter to Coalition, the firm spent nearly one month working directly with Coalition Incident Response (CIR1) to investigate the incident and restore its network.

During the investigation, the firm’s technicians were unable to access third-party accreditations, which directly impacted customer service. “Three weeks of hell,” said the firm’s president, describing the event. “Being hacked is not a great experience, but working with CIR was fantastic.”

CIR deployed SentinelOne® Endpoint Detection and Response technology to monitor the firm as part of its response to the ransomware attack. After fully recovering from the attack and wanting to do everything possible to prevent a similar incident, the firm enlisted in Coalition Managed Detection & Response (MDR²) for ongoing support.

“MDR is a 24-hour burglar alarm on your network with 24/7 support,” said the firm’s president. “I have peace of mind knowing we’ve got another set of eyes watching what’s going on at all hours of the day. If a hacker is trying to get in, the Coalition MDR team will see it before we even have a chance to see it.”

1. Breach response included the engagement of an incident response firm; the insured selected Coalition Incident Response, Inc.

2. Coalition MDR services are provided by Coalition Incident Response, Inc., a wholly owned affiliate of Coalition, Inc.