A large Los Angeles Municipality taken down by Ransomware

Our organization was contacted after an in-house 6 person IT team threw up their arms and finally said, we need help. The IT Director called our account development team on a Tuesday at 4 PM requesting immediate assistance. Operations then deployed a technical team within the hour to visit and support the clients site and technical team. It turned out, that afternoon, all City services, departments, systems were infected with Ransomware and were shut down, inoperable requiring encryption keys to reinstate. Backups were removed, deleted or corrupted.

Our technical team inspected the systems, and began intercepting the infection, disrupting the communication, and isolating the source, and spread. During the processes we deployed licensed softwares, intercepted multiple wire transfers, and determined the type and strategy of the virus.

Our technical team was able to restore City systems and services within 5-hours so the following day, all departments were able to continue operations. We intercepted and stopped hundreds of thousands of dollars of wire transfers, and saved this City millions of dollars and an embarrassing story to acknowledge. However, the complete mitigation and recovery took a further two weeks to fully restore.

Our team outlined numerous areas that needed to be strengthened and provided a detailed report to the IT Director for their team to implement.

This story like many others is a humbling one. However, it can be avoided with support from experienced and certified Cybersecurity practitioners.