Incident Response & Forensics, MTA

Overview
The Metropolitan Transportation Authority (MTA) is the largest public transit authority in the United States, serving the New York City metropolitan area. It operates the New York City Subway, buses, and commuter rail systems, including the Long Island Rail Road (LIRR) and Metro-North Railroad. The MTA is responsible for providing safe, efficient, and reliable transportation services to millions of passengers daily, supporting the region's economic vitality and quality of life. It also oversees bridges and tunnels, ensuring comprehensive transit solutions for the New York City region.
Project Scope
The Metropolitan Transportation Authority (MTA) was seeking a vendor to provide highly technical Incident Response & Forensics services. This service is part of the IT Threat Intelligence group within the Cyber Security Operations Centre, and the vendor was expected to provide direct support to the 24/7 Cyber Security Monitoring group as needed.
Solution
V Group Inc. delivered a comprehensive solution to the MTA by fulfilling all of these responsibilities. We served as the primary point of contact for MTA CSOC & MSSP cybersecurity incident escalations, interfacing directly with vendors and third parties to address compromises. Our team conducted thorough forensics on memory, disks, and logs, performed dynamic and static malware analysis, and managed the entire incident response lifecycle. We processed evidence following chain-of-custody protocols and created detailed incident reports for executive management. Additionally, we provided recommendations to prevent future incidents and supported the Threat Intelligence group with threat hunting, readiness, and cyber content engineering and automation.