How VMtech and Cylance prevented a trojan attack on the Sydney Opera House

By on
How VMtech and Cylance prevented a trojan attack on the Sydney Opera House

The Sydney Opera House (SOH) has selected VMtech and Cylance to protect its approximately 1300 endpoints with Cylance's AI-based enterprise endpoint security.

As a non-profit funded by the NSW state government, the SOH is required to comply with data privacy and sovereignty laws.

On top of that, SOH management realised its database was a high-value target for cyber attackers who could compromise the information from its point of sale and ticketing systems, along with personal information from high-profile individuals that perform and the approximately 1.5 million who attend shows at the landmark each year.

So when it came time to update its cybersecurity measures, the organisation realised its signature-based defences were no longer up to the task of protecting against sophisticated malware and ransomware attacks.

“We knew we were an attractive target for notoriety-seeking hackers and identity thieves bent on stealing visitor data from our point of sale network and ticketing systems," SOH head of infrastructure and information Garry Wordsworth said.

After a proof-of-concept process with other vendors, SOH selected CylancePROTECT as its preferred solution to protect its 1300 endpoints, and long-time partner VMtech to implement it. SOH's IT infrastructure environment includes Windows and Apple-based systems, as well as physical and VMware-based Windows and Linux servers.

CylancePROTECT doesn't require users to constantly stream data to the cloud or need internet connectivity to maintain functionality. Cylance's management interface is hosted in AWS's cloud in Sydney, allowing SOH to comply with its data sovereignty obligations.

Wordsworth said there were a number of factors that played into SOH's decision to pick Cylance as its endpoint protection solutions.

“First, CylancePROTECT was the only one that detected and blocked every attack we threw at it. This was an impressive performance. CylancePROTECT security policies also proved to be extremely granular. For example, we were able to restrict the right to run scripts to members of our IT department only.”

Wordsworth said that the Cylance solution has already started paying for itself.

"Recently, a DLL injection trojan caused havoc at some of the world’s largest organisations. CylancePROTECT blocked it instantly. When we checked, as we do frequently, we discovered that our legacy defences would have failed us. The recovery and remediation tasks alone would have cost us valuable time, effort, and productivity."

The next step for SOH will be to continue working with VMtech to maintain its overall security position and add more enhancements to its security infrastructure.

VMtech, which was acquired by Telstra in December, won Cylance's solution provider of the year award for 2018. The solution provider cites Cylance as a "critical part of our endpoint security offering," providing proactive artificial intelligence-based threat prevention to customers."

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © CRN Australia. All rights reserved.

Most Read Articles

Log In

  |  Forgot your password?