Executive Summary
Extrusions Australia, a manufacturing business with close to ninety staff across factory and office roles, experienced a cyber breach during a long weekend while finalising a new technology partner. Zynet mobilised out of hours, contained the incident, restored operations, and advised against a restore-only approach that would have carried a high risk of re-infection.
The business then worked with Zynet to move from reactive fixes to a prevention-first model. This included monitoring, access hardening, password exposure remediation, staged infrastructure upgrades, and clear user guidance that strengthened the overall security posture.
Client Snapshot
Organisation: Extrusions Australia
Industry: Manufacturing
Employees: Approximately ninety
Pre-engagement model: Legacy non-cloud environment, ad hoc backups, limited visibility
Engagement: Emergency incident response, containment, recovery, ongoing roadmap
Context
Aging systems, limited monitoring, and a lack of structured cyber governance created conditions for a significant incident. While assessing new providers, Extrusions Australia suffered a breach that disrupted access to important data and files. The incumbent provider suggested a simple backup restore, but the leadership team wanted to address root causes, close the exposed entry points, and strengthen the environment for the long term.
Challenges
Extrusions Australia faced several active risks at the time of the incident:
- Breach during provider transition with access blocked to key files
- Remote access exposure with open RDP to the internet
- Signs of password compromise and credential exposure
- Limited visibility into login activity and suspicious behaviour
- Legacy on-premise server and custom applications requiring performance and stability work
- Restore-only proposals that would not prevent re-infection
Objectives
The business needed a partner that could respond quickly, reduce downtime, and provide clarity in a high-pressure situation. The core objectives included:
- Contain the breach and restore operations with minimal disruption
- Identify the intrusion pathway and close off weak access points
- Shift from a reactive posture to a prevention-first security model
- Create a staged infrastructure roadmap that matched manufacturing requirements
- Improve user awareness and reduce credential and remote access risk
Zynet’s Approach
Zynet led the recovery and uplift through a methodical and transparent approach.
Contain and validate
Rapid out-of-hours mobilisation to remove unauthorised access, quarantine affected areas, and confirm that no additional intrusion attempts were active.
Root cause and exposure
Investigation into remote access exposure and password compromise. Remediation of key risks that had allowed external access to the environment.
Monitor and detect
Introduction of login monitoring and alerting that surfaced suspicious activity that had never been visible before.
Roadmap and governance
A clear phased plan for modernising email, identity, server workloads, and custom applications. Recommendations aligned with budgets and operational constraints.
Education and guidance
Ongoing plain-English communication with both IT and leadership. Options were explained with cost and benefit clarity so decisions were simple and well informed.
Solution Overview
Zynet delivered a coordinated set of improvements that restored stability and prepared the business for long-term resilience.
- Threat detection and response with continuous monitoring and alerting
- Hardening of external access with stronger authentication and closure of risky entry points
- Email and identity improvements for unified protection across users
- Optimisation of on-premise server infrastructure and custom manufacturing applications
- Staged modernisation program aligned to business cycles and production windows
Outcomes
Zynet’s involvement delivered immediate containment and a measurable uplift in security and operational stability.
- Incident contained without a broad shutdown
- Re-infection risk avoided through root cause remediation
- Higher visibility into login attempts, alerts, and credential exposure
- Clear roadmap for modernisation that reduces technical debt
- Lower operational stress for the internal IT lead and stronger partner support
Customer Perspective
“Zynet’s threat detection response really saved us. If it had not been for that, our system would have been back down again within days. The team gave us confidence that the breach had been stopped, helped us get back to business as usual and start building a strategy to prevent future attacks.”
Stacie, IT Manager
“Zynet has given us all the options but also understands the expense of making a particular choice. They work with us to look at everything from two viewpoints. What is best and what is affordable.”
Stacie, IT Manager
“Zynet contacts us all the time to check in if we need anything. We just need to ring and they explain things clearly. I feel very supported knowing our IT is under control.”
Stacie, IT Manager
Why This Worked
- Containment first and then cause
- Access hardening in the right order
- A roadmap shaped around manufacturing realities
- Clear guidance and consistent communication
Bringing It All Together
Extrusions Australia’s experience shows how rapid containment, visibility, and a prevention-first approach can protect an organisation from repeat incidents. By strengthening access controls, improving monitoring, and modernising core systems, Zynet helped the business reduce risk and create a more stable environment for both factory and office teams.
Zynet continues to support manufacturing and mid-market organisations across Australia with proactive cyber protection, incident response, and modern IT solutions that reduce stress and improve resilience. Explore Zynet’s Managed Cyber Security Services.
About Author
The Zynet Team brings together experienced specialists in cyber security, IT management and technology strategy. For more than 25 years, we’ve helped Australian organisations strengthen resilience, protect critical systems and stay ready for what comes next. Our insights are drawn from real-world experience managing complex IT environments and defending against evolving cyber threats.
