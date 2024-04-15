In December of 2019, Armellini Logistics was the target of a sophisticated ransomware attack. While the company quickly and successfully recovered from the attack, it was determined to adopt a more proactive approach to prevention moving forward.
Armellini is a nationwide trucking and logistics company in the US, specializing in time-sensitive, temperature-controlled shipments. The company is well known for excellent customer service, and it refused to let future cyberattacks put that reputation at risk. Armellini's security team was tasked with finding innovative ways to reduce the company’s operational risk from ransomware. The attack brought to their attention the risks posed by shadow IT.
To begin, Armellini's team set out to identify solutions that could help them discover unknown assets and develop an action-plan for minimizing their greatest external risks. In researching potential solutions, the Armellini team zeroed in on attack surface management (ASM). Eric McManis, Armellini’s Director of IT, explains: “We had no way of knowing which of our assets an attacker would target first until we worked with IBM Security Randori Recon.”
Saved 15 hours per week by eliminating guesswork
In need of a low-friction solution to provide its small team with high quality and actionable insights into the company’s attack surface, Armellini engaged a free IBM Security® Randori Recon report. Given its attacker-focused approach to ASM, the Randori Recon report showed Armellini how the attacker’s perspective could illuminate shadow IT and prioritize which external assets were most likely to be targeted.
Critical for Armellini was Randori Recon’s target temptation model, which analyzes each external target using the same factors most often used by today’s threat actors when determining where to strike next. This unique approach differentiated itself from other ASM solutions by providing Armellini with a prioritized list on which they could take action.
Armellini kicked off a 30-day proof of concept and quickly discovered additional issues, including a vulnerable VPN. Armed with this evidence, the Armellini team was able to go to their board and secure funding to begin implementing Randori Recon.
With Randori Recon, Armellini has been able to gain deeper visibility into external risk and ensure that the company’s asset and vulnerability management systems are updated as new cloud and SaaS applications come online. Increasingly, Armellini has been using Randori Recon's target temptation analysis to triage and prioritize which vulnerabilities to patch. With this insight, the Armellini team has helped to reduce the company’s risk without impacting business operations.
Moving forward, the team hopes to begin testing the resiliency of their security program using IBM Security Randori Attack Targeted’s continuous automated red team capabilities in the near future.
Armellini (link resides outside of ibm.com) is a family-run nationwide shipping, storage and logistics company based in Florida. Started in 1945 by husband-and-wife team Jules and Sarah Armellini, the company distinguishes itself through its dedication to customer satisfaction and investment in innovation. Armellini is one of America’s largest providers of temperature-controlled shipments, with logistic centers and warehouses across the United States.
© Copyright IBM Corporation 2023. IBM Corporation, New Orchard Road, Armonk, NY 10504
Produced in United States of America, September 2023.
IBM, the IBM logo, and IBM Security are trademarks of International Business Machines Corporation, registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on ibm.com/trademark.
Randori is a trademark of Randori, an IBM Company.
This document is current as of the initial date of publication and may be changed by IBM at any time. Not all offerings are available in every country in which IBM operates.
Statement of Good Security Practices: No IT system or product should be considered completely secure, and no single product, service or security measure can be completely effective in preventing improper use or access. IBM does not warrant that any systems, products or services are immune from, or will make your enterprise immune from, the malicious or illegal conduct of any party.