Ransomware is malicious software (or malware) that can take over your computer denying you access to your data. During the attack, the hacker may ask for a ransom from the company, promising — not always truthfully — to restore access to their data when they receive their exact demand.

Our client, a mid-size Media Company in the Midwest, asked us to assess their risk for a r exposure since we had experience in helping similar companies protect tansomware attack. They became concerned after learning about other companies in their industry space becoming victims to similar attacks.

 

They asked ESHA IT to test their network for ransomwarehemselves from ransomware attacks. The company needed us to perform a risk assessment of their IT infrastructure with a specific focus around ransomware attacks.

Services provided:

  • Security testing – vulnerability scan, external penetration testing, and phishing exercises
  • IT process reviews with the internal team

Our Approach

  • Ran phone phishing exercises on specific employees to make them aware of phone scams.
  • Executed multiple email phishing campaigns on employees to encourage email security awareness.
  • Performed vulnerability scans and penetration testing
  • Reviewed and tested their backup process

Results

  • Based on phishing results, we advised the client on ways that their employees can improve their security awareness. They were made aware of sophisticated attack techniques, designed to fool employees.
  • We identified several security issues that could have put their business at risk for data loss, financial fraud, and loss of customers.

A Seamless Project Implementation

The customer was relieved that the vulnerabilities was found by us instead of a hacker. It would have been very costly to them if they experienced a ransomware attack. We continue to work with them on other security and compliance projects that is strengthening their security.