The Clicker Ransomware

Outcome

An executive’s important files were no longer locked by Ransomware

Situation

• An executive at a local utility company had a tendency to click on emails and attachments regardless of who they came from or if they looked suspicious.
• Not surprisingly, he clicked on a zip file attached to a phishing email and infected his system with Ransomware.
• Years’ worth of emails and other important files were soon encrypted and inaccessible.

Impact

• The utility company did not have a backup of the files and could not pay the ransom. As a result, the executive had to “start fresh” with a new computer and recreate what information that he reasonably could.

Resolution

• A year had passed since the initial ransomware infection when TCDI was brought in to provide Chief Security Officer On-Demand services. During discussions, the issue of the computer locked with ransomware came up.  TCDI took custody of the infected computer and researched that particular variant of ransomware.TCDI’s cybersecurity team identify a method to crack the encryption that made the files inaccessible and setup an environment to process and decrypt the data.  Soon, the client once again had access to years’ worth of their business files.