Case study at a glance:
Locations: East coast
In 2019, one of our TotalContinuity clients had a breach in their system. However, this client was not utilizing our comprehensive cybersecurity solution.
They were breached but did not get exfiltrated. The type of breach is known as a Cryptolocker attack which is essentially when a server attacker uses legitimate software to encrypt all data and files. Then, these attackers demand ransom money to unlock the files. Many times organizations that are victims of a ransomware attack do not pay the sum of money demanded. Instead, they rely on backups or a business continuity plan to get back up and running. In some instances, this path can take hours to months in order to recover files.
Leading up to the attack
A person outside of the organization received what looked to be a legitimate email from the organization with a Word document attachment. When the user opened the Word document, their computer was breached. However, this email was sent 4 months before the Cryptolocker attack happened.
In the 4 months leading up to the attack, the hackers were able to spy on the network while gaining access to credentials and privileges of the organization.
Because our client didn’t have the cybersecurity systems in place to see this malicious activity that was happening over the past 4 months, their files could have been stolen or deleted completely.
In the 4 months leading up to the attack, the hackers were able to spy on the network while gaining access to credentials…
The proactive approach
This breach could have been completely avoided if our cybersecurity framework along with TotalContinuity were both implemented. If our cybersecurity framework had been in place, we could have caught this threat from the time the first person opened that malicious email. We would have locked the threat and shut it down to prevent it from spreading from that point on.
The business impact could have been much worse if TotalContinuity was not in place at the time of the attack. Because of TotalContinuity, the organization only experienced one day of downtime and we were able to restore the files. Systems were back up and running within 24 hours.
When our cybersecurity framework is in place, we are able to track threats of organizations in real-time to address the issue before it poses an issue and take appropriate actions.
This breach could have been completely avoided if our cybersecurity framework along with TotalContinuity were both implemented.
With the newest cyber threat landscape, hackers are looking for new and advanced ways for businesses to pay them money. That means, businesses can’t just have one form of protection. It’s more than just having a firewall, antivirus, and patching and updating your operating system. A multi-layered approach is the only way to ensure data and files are being protected. This is done through monitoring, securing, and training. At IND Corporation, we have the newest and most advanced cybersecurity framework to protect businesses and take a proactive approach to cyberattacks.
- Protect against cyberattacks before it happens
- Real-time monitoring
- Multi-layered defense