top of page

Ransomware Attack

Case Study: Cybersecurity

Client Challenge

After a particularly busy week, a Family Office CIO was quickly reviewing his email on Friday afternoon before leaving for a weekend trip with his family. Minutes before he needed to depart the office, an email arrived with the subject “URGENT: ACTION REQUIRED!” from a sender whose name he immediately recognized from his discussions throughout the past week. The body of the email simply stated, “Please see updated transaction details attached” and, without any reason to be suspicious, the CIO downloaded an Excel spreadsheet and unknowingly installed ransomware on his computer. With the contents of his computer now frozen, a message quickly appeared demanding an immediate payment in Bitcoin for access to be restored…

Banyan Solution

Banyan Cyber was contacted to provide recommendations to the CIO on (1) whether payment should be made to the attacker and (2) how the data – on the now frozen computer – could be restored. Banyan Cyber was able to rapidly assess the situation and proposed a course-of-action that met the client’s most urgent requirement: recovering the valuable information and data. It was soon discovered that the contents of the client’s computer were backed-up daily to the cloud, unbeknownst to the client. As a result, Banyan Cyber was able to recover and restore all the files to the client’s computer without payment to the ransomware attacker. Banyan Cyber also provided recommendations on cyber hygiene activities for both the CIO & Family Office to help prevent a similar attack in the future.

Client Impact

As a result of Banyan Cyber’s rapid analysis of both the type of ransomware and the client’s existing IT systems & protocols, the client was able to reclaim their data without a ransom payment to a criminal actor. Additionally, through information, instructional workshops, and the implementation of 24 hour monitoring, Banyan Cyber provided the client with peace-of-mind and confidence in their enhanced resilience against attempted cyber-attacks moving forward.


bottom of page