Case #3: Email link installed malware to hijack bank account credentials

Business Problem: This SMB-sized manufacturing company had $94,700 removed from a corporate bank account by an unknown person. The incident was reported to the bank and the FBI for investigation. Due to the small amount of money, nominal resources were assigned, and there were no strong leads. The bank suspected a person or group in Eastern Europe that had intercepted account credentials to withdraw the funds.

Timeframe: Four weeks
 

Budget: $35,000
 

Business Solution: After the shocking discovery was made, it was time to implement rock-solid security solutions to prevent this from happening again. The first step was to determine, from a forensics perspective, whether a PC at the company had malware installed. A malware program was discovered on one of the PCs in the accounting department. Based on interviews, it was determined that the end user may have habitually "clicked" various links while reviewing emails. The PC was removed from service for any future prosecution. The entire company environment was scanned for viruses, malware, botnets, and adware to "sanitize" the infrastructure. New firewalls were installed, VLANs were set up in accounting, and only dedicated PCs with extensive "hardening" and proactive monitoring tools now access financial systems.
 

Business Results: The SMB learned a painful lesson that took IT security to a whole new level. The changes not only protected online banking transactions but also significantly improved security across the entire organization, from intellectual property to HR data about employees.

     

 

      2012 ConnectTech, LLC All rights reserved
