Case Study

Hackers Deploy Ransomware Attack on Nonprofit Organization

Background

In April 2021, a local Seattle-based community nonprofit fell victim to a crypto-ransomware attack and lost full control of its entire IT environment. The nonprofit was not an existing ISOutsource client but reached out to us for help. Our team was on-site within an hour to help them navigate this security breach.

The Story

When Hackers Take Control
Ransomware is a common hacking strategy where hackers infiltrate the IT environment of a business or organization and demand payment for its release. In some cases, hackers may assess the value of data, assets, records, and information to determine its potential for exploitation. Once the environment is infiltrated, the hackers are in control, and demands are made for money (in this case, cryptocurrency) to release control back to the business or organization. You may have read about this recently regarding the ransomware attack against Colonial Pipeline. This was precisely the case for this nonprofit, and now a new client benefiting from our expertise.

Hackers completely removed the nonprofit’s ability to have any access or control over their technology environment and threatened to wipe all of their data if a $200,000 USD Bitcoin or Monero payment was not met.

A team of Trusted Advisors from ISOutsource arrived on-site at the nonprofit only 1 hour after the initial engagement with us.

Upon arrival, our team examined the threat and took inventory of all the affected systems and reviewed options to restore the data from backup options with hopes to avoid the ransom payment. Unfortunately, the nonprofit did not have a disaster recovery plan or a regular backup schedule and would stand to lose almost an entire year’s worth of financial, donation, and other informational data.

The Result

The Outcome
In the end, the client chose not to pay the ransom and opted to restore their environment from a backup taken a year previously. We rebuilt the entire environment, including workstations, but also the servers; right down to the reinstallation and configuration of the server and workstation operating systems.
A Pivot Towards Cyber Attack Prevention
After advising the nonprofit’s staff on the rebuilding IT environment, we pivoted towards future cybersecurity strategy and implementation. We advised on implementing standards and best practices around updates, patching, remote monitoring and management, and vulnerability management. They’ve adopted our proactive IT support strategy instead of utilizing more reactive, break-fix support to allow for the most secure computing environment possible.

The FUTURE

Client Impact
No small business, especially a nonprofit organization, expects to find itself in the sights of a ransomware hacker, but we see it happen daily and it is costly – in more ways than one. Key impacts to the client included:

  • Total downtime of all technology systems
  • Total loss of access and control to their own data and information
  • Over a year’s worth of data loss
  • Unknown exposure and data exfiltration risk

Services Now Deployed
ISOutsoure does more than navigate tough cybersecurity attacks, we advise on prevention and maintenance strategy to keep your business or organization running smoothly, with as little risk possible. This client has implemented: