GBH

Casa Mobel

Supporting return and protection of hacked files to maintain business continuity

The Situation

Casa Mobel, a furniture market leader, was referred to us a few months prior and we initial conversations. But when the furniture manufacturer called to tell us they had just been hacked and all of their files were held for ransom, and their current provider didn’t have a solution, we were there at their office within a day to support the team in getting their company back.

All of their files – including their USB backup – were connected directly to the server. So once the hackers got into the system, they kidnapped everything. Which meant Casa Mobel’s business was at a standstill until this issue was resolved.

Casa Mobel’s Context

Vision

To deliver quality furniture to the hospitality industry.

Why

Provide furniture that maintains consistently superior quality as the company grows.

Goals

Restart operations. Without their documents, the company was frozen and could not operate or generate revenue (e.g. could not generate invoices, see payables or receivables, etc.)

Vision

To deliver quality furniture to the hospitality industry.

Goals

Restart operations. Without their documents, the company was frozen and could not operate or generate revenue (e.g. could not generate invoices, see payables or receivables, etc.)

Why

Provide furniture that maintains consistently superior quality as the company grows.

The GBH Difference

Nothing is off limits when helping a client regain control of their business. From negotiating with hackers and purchasing Bitcoin on their behalf to immediately instating multiple layers of defense to guard against threats and provide an untouchable file backup for the business, we do what needs to be done to get our clients’ businesses back on track.

What We Did

We jumped into action quickly; every minute that passed without access to their files, meant our client was losing money. We first tried to decrypt the files held for ransom but soon saw they were encrypted in a way that only the hackers could unlock.

So we got in contact with the hackers. But before we agreed to begin negotiations, we required the hackers send proof that they could decrypt the files. They followed through on that request successfully which made us feel more comfortable starting negotiations. The first ransom figure the hackers shared was incredibly high. Through a series of conversations, we got the bad guys down nearly 50% and purchased the Bitcoin on our clients’ behalf to pay the hackers.

We stayed in contact with the hackers as the transfer was made and waited for them to deliver the encryption key to recover our client’s files.

The moment the files were decrypted, we were ready to build a moat around the business. We configured new tech infrastructure from scratch. We set the client up with a securely protected cloud backup copy of all of their data and files – so no one would ever hold them ransom again. And we changed their mail server, adding additional layers of email protections so that the company wouldn’t fall prey to similar phishing schemes to get into their systems.

Once the company was back up and running, and securely protected through multiple lines of defense and backup, we got to work optimizing the business.

We changed their mail server to a more secure and functional one, and upgraded and reinstalled their secondary servers. We centralized their phone system to address stability issues they were having between their branches due to old implementations.

The Result

At the heart of all that we do is prevention — even in disaster mode. As we were working around the clock to get Casa Mobel’s files back under their control, we were putting multi-layer security measures in place to build a moat around their business to greatly minimize the risk of a similar hack occuring in the future – and backup all of their files in case anything somehow got through the cracks again.