| Strong Security Posture: LawEnfJ had partnerships with other organizations, which involved sharing some systems including e-mail. An employee received a malicious e-mail into the external partner’s inbox and opened it on the machine belonging to LawEnfJ, infecting the network. An investigation revealed that the partner-organization did not have appropriate e-mail hygiene that could have stopped this e-mail from entering the inbox. Nevertheless, LawEnfJ had an acute awareness of the ransomware threat and abundant knowledge on how to prevent and mitigate ransomware attacks. When the ransomware hit, the organization responded timely and methodically. All systems and data were recovered over one weekend. Some data were lost as part of the incremental backups practice, which is an acceptable industry practice. Following the attack, LawEnfJ instigated a formal agreement with all external partners on minimal security measures that they must implement. . |
|---|
| Medium Security Posture: GovSecJN had multiple layers of security controls to protect its business from cyberthreats. However, when the ransomware attack took place, GovSecJN realized that some controls were not equipped to deal with the incident. For example, a communication plan did not consider the fact that crypto-ransomware has the ability to encrypt systems, including e-mail, stripping organizations of the most common communication methods; business continuity plans did not take into consideration the loss of IT. Although all systems and data were restored in 1 week (from backups), some critical services were unavailable for several days, inevitably affecting customers and staff. Following the attack, GovSecJN implemented several changes, including updated communication and business continuity plans. |
| Weak Security Posture: EducInstFB had several serious network oversights (e.g. the lack of network visibility, a flat network structure, poor access control management, poor security practices, ineffective backups) that led to severe consequences, where crypto-ransomware infected the whole network comprised hundreds of devices. Subsequently, many vital systems became unresponsive, crippling important business functions. A large amount of data would have been lost as a result of this attack if the organization had not paid the ransom. The recovery process was very challenging and lasted for months. |
| Strong Security Posture: LawEnfJ had partnerships with other organizations, which involved sharing some systems including e-mail. An employee received a malicious e-mail into the external partner’s inbox and opened it on the machine belonging to LawEnfJ, infecting the network. An investigation revealed that the partner-organization did not have appropriate e-mail hygiene that could have stopped this e-mail from entering the inbox. Nevertheless, LawEnfJ had an acute awareness of the ransomware threat and abundant knowledge on how to prevent and mitigate ransomware attacks. When the ransomware hit, the organization responded timely and methodically. All systems and data were recovered over one weekend. Some data were lost as part of the incremental backups practice, which is an acceptable industry practice. Following the attack, LawEnfJ instigated a formal agreement with all external partners on minimal security measures that they must implement. . |
|---|
| Medium Security Posture: GovSecJN had multiple layers of security controls to protect its business from cyberthreats. However, when the ransomware attack took place, GovSecJN realized that some controls were not equipped to deal with the incident. For example, a communication plan did not consider the fact that crypto-ransomware has the ability to encrypt systems, including e-mail, stripping organizations of the most common communication methods; business continuity plans did not take into consideration the loss of IT. Although all systems and data were restored in 1 week (from backups), some critical services were unavailable for several days, inevitably affecting customers and staff. Following the attack, GovSecJN implemented several changes, including updated communication and business continuity plans. |
| Weak Security Posture: EducInstFB had several serious network oversights (e.g. the lack of network visibility, a flat network structure, poor access control management, poor security practices, ineffective backups) that led to severe consequences, where crypto-ransomware infected the whole network comprised hundreds of devices. Subsequently, many vital systems became unresponsive, crippling important business functions. A large amount of data would have been lost as a result of this attack if the organization had not paid the ransom. The recovery process was very challenging and lasted for months. |
| Strong Security Posture: LawEnfJ had partnerships with other organizations, which involved sharing some systems including e-mail. An employee received a malicious e-mail into the external partner’s inbox and opened it on the machine belonging to LawEnfJ, infecting the network. An investigation revealed that the partner-organization did not have appropriate e-mail hygiene that could have stopped this e-mail from entering the inbox. Nevertheless, LawEnfJ had an acute awareness of the ransomware threat and abundant knowledge on how to prevent and mitigate ransomware attacks. When the ransomware hit, the organization responded timely and methodically. All systems and data were recovered over one weekend. Some data were lost as part of the incremental backups practice, which is an acceptable industry practice. Following the attack, LawEnfJ instigated a formal agreement with all external partners on minimal security measures that they must implement. . |
|---|
| Medium Security Posture: GovSecJN had multiple layers of security controls to protect its business from cyberthreats. However, when the ransomware attack took place, GovSecJN realized that some controls were not equipped to deal with the incident. For example, a communication plan did not consider the fact that crypto-ransomware has the ability to encrypt systems, including e-mail, stripping organizations of the most common communication methods; business continuity plans did not take into consideration the loss of IT. Although all systems and data were restored in 1 week (from backups), some critical services were unavailable for several days, inevitably affecting customers and staff. Following the attack, GovSecJN implemented several changes, including updated communication and business continuity plans. |
| Weak Security Posture: EducInstFB had several serious network oversights (e.g. the lack of network visibility, a flat network structure, poor access control management, poor security practices, ineffective backups) that led to severe consequences, where crypto-ransomware infected the whole network comprised hundreds of devices. Subsequently, many vital systems became unresponsive, crippling important business functions. A large amount of data would have been lost as a result of this attack if the organization had not paid the ransom. The recovery process was very challenging and lasted for months. |
| Strong Security Posture: LawEnfJ had partnerships with other organizations, which involved sharing some systems including e-mail. An employee received a malicious e-mail into the external partner’s inbox and opened it on the machine belonging to LawEnfJ, infecting the network. An investigation revealed that the partner-organization did not have appropriate e-mail hygiene that could have stopped this e-mail from entering the inbox. Nevertheless, LawEnfJ had an acute awareness of the ransomware threat and abundant knowledge on how to prevent and mitigate ransomware attacks. When the ransomware hit, the organization responded timely and methodically. All systems and data were recovered over one weekend. Some data were lost as part of the incremental backups practice, which is an acceptable industry practice. Following the attack, LawEnfJ instigated a formal agreement with all external partners on minimal security measures that they must implement. . |
|---|
| Medium Security Posture: GovSecJN had multiple layers of security controls to protect its business from cyberthreats. However, when the ransomware attack took place, GovSecJN realized that some controls were not equipped to deal with the incident. For example, a communication plan did not consider the fact that crypto-ransomware has the ability to encrypt systems, including e-mail, stripping organizations of the most common communication methods; business continuity plans did not take into consideration the loss of IT. Although all systems and data were restored in 1 week (from backups), some critical services were unavailable for several days, inevitably affecting customers and staff. Following the attack, GovSecJN implemented several changes, including updated communication and business continuity plans. |
| Weak Security Posture: EducInstFB had several serious network oversights (e.g. the lack of network visibility, a flat network structure, poor access control management, poor security practices, ineffective backups) that led to severe consequences, where crypto-ransomware infected the whole network comprised hundreds of devices. Subsequently, many vital systems became unresponsive, crippling important business functions. A large amount of data would have been lost as a result of this attack if the organization had not paid the ransom. The recovery process was very challenging and lasted for months. |
This PDF is available to Subscribers Only
View Article Abstract & Purchase OptionsFor full access to this pdf, sign in to an existing account, or purchase an annual subscription.
