Was the cyber attack successful?

The challenge: Provide reassurance to our law firm client that a recent phishing attack had not compromised security or left malware on their system.

We recently helped a legal client who had potentially fallen victim to an emerging type of phishing attack perpetrated through a Teams chat invite.  Several employees had clicked on the link and the firm’s IT department were keen to ensure that no content had been uploaded to the perpetrator’s site, or malware downloaded erroneously.  The IT team had carried out their own content search queries across their Microsoft estate but wanted reassurance from our experts that nothing malicious had been left behind and no data shared inadvertently.

A few months earlier, Salient’s team had provided the law firm with internal training on using Microsoft Purview for eDiscovery, so our client was aware of our expertise in this area.  Content search and data analysis are core to our business, so we’re well versed in the best way to structure a rigorous search and were able to provide our client with assurances that a search that yields nothing does so because there is nothing to find, not because the search criteria were lacking.  Our experts assisted with creating a case within Microsoft Purview’s eDiscovery functionality, ran queries across the custodians involved and focused on a thorough search of Teams.  We were able to provide our client with reassurance that the phishing attack had not resulted in any data leakage.

Salient’s experts can help you to navigate your way around Microsoft 365 Purview’s eDiscovery tools, maximising your investment in Microsoft by harnessing its innate tooling.  We provide training on its features and functionality for teams who regularly undertake eDiscovery within your Microsoft environment, helping them to have confidence in the searches that they undertake.  We can also undertake eDiscovery searches and collection within your Microsoft environment on your behalf.

Get in touch for more information.