CASE STUDIES - INCIDENT RESPONSE - RANSOMWARE
Case Studies
Incident Response - Ransomware
This case study examines how Maryman assisted their client when hit with a ransomware attack.
Project Name
Incident Response - Ransomwares
Our Role
Digital Forensics and Incident Response
Project Background
Our client contacted us when their operation was completely shut down due to a ransomware attack. We were engaged within an hour and immediately began collection, triage and assisting with remediation efforts.
Project Tasks
We were responsible with determining how the attack occurred, whether the organization was still breached, and what data was accessed and exfiltrated by the attackers.
Project Outcomes
- Using triage and rapid analysis techniques, we were able to determine how the attackers acquired access to the environment.
- We were able to trace all aspects of the attackers’ movement throughout the environment.
- We were able to recover over 95% of the encrypted files on the host systems, eliminating the need to pay the ransom.
- We were able to get a comprehensive set of files and folders accessed by the attackers to counsel, reducing the affected persons set by over 70%!
Conclusion
The experts at Maryman can be called upon quickly to assist with an active cyber breach to engage in digital forensics and incident response.