It was an early Sunday morning when Agility Networks received a frantic call from one of their customers. An unfortunate break-in had occurred and a very important laptop, with sensitive information, had been stolen. The client was concerned that he did not have any information to give the police to help track down the laptop. The private business data was at risk of being viewed by outsiders and possibly lost all together.
All Agility Network clients are currently utilizing the Agility Management Platform, powered by Kaseya. Knowing that the Kaseya agent loads quickly upon system startup and that it could be manipulated if the laptop connects to the Internet, we knew that something could be done using the powerful scripting engine offered by Kaseya. The Agility Management Platform Administrators Group put the “stolen computer” script into action.
Here are the details of the script:
- Send the consultant and operations team a text message and e-mail when the laptop connects to the Internet
- Save the public IP address used by the laptop and log on the Agility Management Platform (Kaseya)
- Forcefully reboot the laptop after deleting the operating system files; essentially disabling it
The following Saturday (6 days later) we received a text message from the Agility Management Platform. The laptop had connected to the Internet. I immediately logged in and was pleased to see that the Public IP Address of the laptop had been recorded. Shortly after, I saw log entries indicating that the laptop had been rebooted and the operating system broken. The thief would now have to go through several technical hoops to get to any of the data on that laptop and we had information the police could use to track the laptop. As a precaution, if the laptop is recovered, all business data on the laptop will be retrievable by the consultant.
The next day the public IP address was handed over to the detective working the case who then issued a subpoena to the relevant ISP. The ISP has provided the police department with the account information associated with that public IP and we are currently waiting for the police to serve a warrant and retrieve the stolen laptop.
What a ride thanks to Kaseya. For more Stolen Laptop Script ideas visit the Kaseya Forum.
This post was written by Andy Baran of Agility Networks.