Ransomware Case Study

The Challenge:

The client was attacked with Ransomware!  

An external entity hacked into the client’s server and encrypted files critical to their business.  The hacker then demanded a fee from the client in order to unencrypt the files but with no guarantee that they would do so if payment was made.  As a result, the client’s business had to halt activity for a period of time resulting in lost revenue.  ARC technicians were engaged to lock down the server as much as possible, restore backups, and build a new, and more secure, technical environment.  The client has since retained ARC Managed Services to manage their infrastructure on a monthly plan.

The Outcome:

The environment was rebuilt and secured with proper anti-virus and firewalls and a dependable backup process. The client has been protected and secured from these types of attacks in the future. 

About the Client:

The architectural and design company firm was established in 2007.  Their vision is to build upon, create and deliver a truly personal and rewarding service experience.  They pride themselves on their creativity and commitment to the success of their projects. Their team that they have assembled has a proven track record of successful collaboration on projects of various scale and magnitude.  

As a group, they have worked hard to maintain a culture of support and collaboration within their offices.  They enjoy working together as a team and enjoy sharing our experience and research together.  The diversity of their leadership team helps to broaden their vision and feed their strengths.  Their goal is for the spaces and buildings that they create to shape the cultures of their clients and the community. 

Business Case:

The client first approached ARC with concerns over their current IT Service provider. ARC completed an assessment of the client’s environment and prepared a report including our recommendations. The client delayed proceeding with the recommendations and the ARC Care service package. After 6 months the client’s environment was compromised with a Ransomware attack.  ARC was brought in to rebuild the environment properly with the appropriate security and backups implemented. Unfortunately, because of incomplete backups, only a limited amount of data was recovered the remainder was encrypted. The environment is now running smoothly with reliable backups. 

Business Solution:

ARC attempted to recover the encrypted drives with a variety of tools. Cracking the encryption was not possible. The client’s management tried to pay the ransom fees but this was not successful either. The client’s perimeter was rebuilt with replacing the existing firewall with an enterprise-level firewall and implemented strict security rules on the firewall. Next the server was reconfigured and a proper backup process was implemented. Backups are both local as well as cloud based to ensure the highest security and availability of the data.  

The client then agreed to an ARC Care package which now provides for 7X24 monitoring. In addition, ARC Care ensures all patching for both the perimeter and servers are all up to date.  

“ARC has established themselves as an industry leader for IT solutions; staying ahead of the curve with their excellent customer service and knowledgeable staff.

They are committed to providing solutions in a timely manner with their quick response ticketing system. We remain a loyal customer since 2016.”

Recommended Posts