- Successful ransomware encryption on server containing financial records of all clients.
- Source of infection and type of encryption identified within a couple of hours.
- Due to the nature of the encryption, no decryption algorithm was available.
- All data successfully restored from backups with minimal data loss as attack occurred after nightly backup had completed.
- Security increased on the server to include password lockout policies, minimum, and maximum password expiries, and complexity.
- Implementation of monitoring within the backup software to alert for possible ransomware attempts.
- Provide information to the Kent Cyber Crime team to aid in their criminal investigation.
- Director was the target of numerous spear-phishing attempts, some that were successful.
- After identifying the location of the source of the attack, extra security was placed on the user’s Office 365 account to minimise the risks.
- These included 2 factor authentication (2FA) on the Office 365 account, blocking of the top-level domain from sending to the company (the originating IP address of the sender was Brazil) and targeted phishing campaigns to identify if any other staff were vulnerable.
- Cyber Security Training given to improve the overall security posture of the firm.
Based in Kent since 2005 and with extensive experience of Cloud Computing, IT Security and Cyber Security. Computer Rescue offer fast response IT Support for Small and Medium sized businesses with between 5 and 100 users. Please click here to find out about our FREE Cyber Security Assessment