Resolute was recently engaged by a member-based organization after they became a victim of a ransomware attack. The organization’s systems, including network file servers, phone system, internal HR data and membership information were all breached and their data encrypted. The organization, which includes several hundred employees who operate from offices in multiple states servicing more than 50,000 individual members were suddenly rendered completely ineffective and unable to conduct basic daily operations.
Resolute engaged immediately. We had an incident response professional on site within an hour of being called and conducted an immediate assessment of the situation to develop a recovery and response plan. After completing the initial assessment, it was clear the response protocols the organization believed were in place were in fact ineffective, hampering any type of timely recovery.
Resolute, in conjunction with an IT recovery specialist, immediately developed an internal response team, incorporating all of the organization’s key divisions, including IT, HR, communications, legal and membership. Working with the response team, Resolute developed a crisis communications plan with messaging to immediately inform all relevant parties of the current situation and plans moving forward.
Resolute then worked with the organization to move from containment to the recovery phase, identifying a forensic response team to further aid in the process to stop, contain and control the incident to recover from the attack.
After several weeks of ongoing activities and implementation of the response plan by the entire team, the organization’s network and infrastructure were restored and normal operation resumed.