Search

Ransomware attack on property management company

Updated: Mar 10

Client National property management company with several office and apartment blocks.


Situation A ransomware application made its way in through an out-of-date fileserver that should have been updated. The attack took also took out all of the backups making a system restoration impossible.


Action CNS Risk conducted a Health Check and reviewed policies and procedures. They also recommended conducting monitoring and a review of O/365 and Azure rules as well as endpoint monitoring.


Results CNS Risk were able to show that the access was through the obsolete file server that the client's 3rd party IT company should have updated years earlier; and also, argued that paying the ransom was likely more good money after bad. The company re-built the systems from data fragments, replaced the compromised server and instituted new policies.


Duration 2 weeks


Resources Employed One lead investigator and Cyber Team (scanning the Dark Web for published data on the ransom, and the particular victim).

CNS RISK
United Kingdom office
2 High Street, Chobham, GU24 8AA UK
Phone: +44 20 3773 4002
email: info@cnsrisk.com
Hungary office 
Vármegye u. 3, 1052 Hungary
Phone: +36 1 411 3602
email: info@cnsrisk.com