KCloud Ransomware Attack Case Study
This case study covers the ransomware attack that targeted a prominent beverage-can manufacturer in the Middle East, and how KCloud helped them mitigate the damage and escape the perils of the attack.
The Client is a fast-growing holding company with diversified business operations in the FMCG, Oil & Gas and other key industries. They offer an extensive range of products for the local and regional beverage industry. The company has the latest can manufacturing & IT technologies available in the world.
However, ransomware, being as common as it is these days, found a way into the Client’s system as well. After analyzing the incident, KCloud effectively handled the ransomware attack that targeted their organization. In addition, we provided actionable tips for further safeguarding their systems and practices.
Ransomware is a particularly insidious type of malware that, once installed on a device, locks the system down.
- The .bip variant of the Dharma ransomware affected the organization
- Malicious spam emails brought in this malware
- This malware scans the system for data files and consequently encrypts them
- Each encrypted file is renamed with a .java, .wallet, .arrow, .bip or some other extension
- In addition, this ransomware also encrypts mapped network drives, shared virtual machine host drives, and unmapped network shares.
- KCloud, using its proprietary IP, thoroughly analyzed the issue and confirmed that the security breach happened only through malicious emails and not through the SSL VPN
- These emails came from the domains qq.com, aol.com and cock.li, so these mail domains were blocked on the Client’s mail server
- Isolation of affected systems from the Internet as well as the LAN network
- Hardened Ransomware protection in the firewall
- Patches and anti-virus updated on the production system
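A triage sketch for the isolation step above, as an added example that is not KCloud's tooling or part of the case study: it sorts a file listing into likely-encrypted files and extension-only matches (a legitimate `Main.java` should not trigger isolation) and groups the hits by share or drive. The `.id-<hex>.[contact]` rename layout is an assumption based on how Dharma is commonly documented, and every path below is a constructed sample.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Extensions the case study lists for encrypted files.
DHARMA_EXTS = {".java", ".wallet", ".arrow", ".bip"}

# Assumption (not stated in the case study): Dharma's commonly documented
# rename layout, <original name>.id-<8 hex chars>.[<contact>].<ext>
DHARMA_NAME = re.compile(r"\.id-[0-9A-Fa-f]{8}\.\[[^\]]+\]\.[A-Za-z0-9]+$")

def classify(path):
    """Return 'encrypted', 'review' or None for one file path."""
    p = PureWindowsPath(path)
    if DHARMA_NAME.search(p.name):
        return "encrypted"   # full rename pattern, whatever the final extension
    if p.suffix.lower() in DHARMA_EXTS:
        return "review"      # extension only, e.g. real Java source code
    return None

def triage(paths):
    """Count hits per share (UNC) or drive letter."""
    counts = defaultdict(lambda: {"encrypted": 0, "review": 0})
    for path in paths:
        verdict = classify(path)
        if verdict:
            counts[PureWindowsPath(path).drive][verdict] += 1
    return dict(counts)

def shares_to_isolate(paths):
    """Shares or drives holding at least one high-confidence encrypted file."""
    return sorted(s for s, c in triage(paths).items() if c["encrypted"])

# Constructed sample listing (hosts, shares and contact address are made up).
SAMPLE = [
    r"\\fs01\finance\q3\report.xlsx.id-1A2B3C4D.[contact@example.invalid].bip",
    r"\\fs01\finance\q3\budget.docx.id-1A2B3C4D.[contact@example.invalid].arrow",
    r"\\fs01\finance\q3\notes.txt",
    r"\\build01\src\app\Main.java",
    r"D:\vmshare\disk.vhd.id-1A2B3C4D.[contact@example.invalid].xyz",
    r"D:\vmshare\readme.txt",
]

if __name__ == "__main__":
    for share, c in sorted(triage(SAMPLE).items()):
        print(share, c)
    print("isolate:", shares_to_isolate(SAMPLE))
```

Feed it a real listing (for example the output of a recursive directory listing per share) in place of `SAMPLE`; the `review` bucket is for manual inspection, not automatic isolation.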
Additional Actions and Protection Methodology:
- Added features in the firewall to prevent ransomware attacks in the future
- A thorough study of the Client’s network landscape and firewall
- Comprehensive security assessment for mischievous domain servers and unused accounts
- Software and anti-virus applications updated to the latest versions
- Finally, the client should have a proper backup and Disaster Recovery in place