Reduce Troubleshooting from Weeks to Minutes
Supporting Operations and Security Teams
Because Vigilant provides security in depth, we do more than stop threats. Our services decrease the mean time to resolution for numerous operational issues because troubleshooting is seamless with the visibility Vigilant brings.
A large healthcare conglomerate approached us because they were having significant bandwidth complications across all their environments. Their teams had been working on this issue for over a month with no result, and the bandwidth kept getting slower. By the time they engaged us, the issues were becoming so severe that they were considering moving to temporary paper operations because of the degradation of their systems.
VIGILANT NETWORK DETECTION
Vigilant deployed MNDR at six hospital locations within 24 hours of communication with the client. Hospital networks are increasingly complex, with significant segmentation and traffic taking nonstandard routes. To complicate matters further, technology isn’t always under the control of the teams managing it due to third-party technology integrations. In many cases, these technologies are used to monitor vitals and dispense medications. However, once we were fully operational, we knew almost immediately what the issue was. Using the visibility from our MNDR solution, we found Conficker malware on Windows 98 systems. The malware had propagated throughout their network and was causing bandwidth slowdowns in the internal operating environment of their facilities.
Our client was not aware of any Windows 98 installations, since policy dictated it was not allowed in any of their locations for compliance reasons (and, well, it’s 2022). But why didn’t they know? They were relying on the certification supplied by their vendors to prove compliance, and their vendors didn’t tell them. Vigilant’s detection and analysis discovered the noncompliant systems, and we were able to provide forensic evidence to show that Windows 98 systems were indeed in the hospitals’ infrastructure and were infected with Conficker. The worst part? The infected systems were heart monitors!
The client was dealing with killware because the third-party technology provider created a splash screen on the monitor to disguise the unsupported OS in order to cut costs. Without this level of visibility and analysis, you would normally have to troubleshoot everything, all along the system, across multiple devices. It would take hours, days, sometimes weeks. But because we had the ability to see what was happening inside this environment, we were able to identify very quickly what was causing a major problem inside this organization. It helped save lives and a significant amount of time…
Time saved for the client’s IT Ops team.