Threats 101
Jonathan Crowe
Aug 2017

5 Ransomware Attack Postmortems (new eBook)


Photo by Kit

Our new eBook provides a rare look inside five organizations as they deal with the immediate effects and damaging aftermath of ransomware.

These days it's unfortunately all too common to see ransomware attacks in the headlines, but typically when you dig into the articles details are hard to come by. We rarely get the full story behind ransomware infections — how they started, how companies reacted, the full scope of disruption and downtime they cause.

As a result, the reality of ransomware for those of us unlucky enough to get infected is often far different than what we may have imagined or planned for.

The truth is infections can happen in the blink of an eye, yet the fallout from them can stretch out in damaging ways we never expected (just ask shipping giant Maersk — the company now estimates June's NotPetya infection will cost it $300 million in lost revenue).

Go behind the scenes in our latest eBook

To give you a more realistic idea of how ransomware infections can play out in real life we've put together a new eBook we're calling The True Cost of Ransomware: 5 Companies, 5 Attacks, and the Reality of Recovery


Inside you'll find:

  • Special behind-the-scenes accounts of how ransomware infections played out inside five real organizations
  • Breakdowns of the true costs and effects of the attacks on their businesses
  • Key takeaways and lessons learned to help your own organization prepare for preventing and recovering from ransomware attacks

5 ransomware postmortems, 5 very different organizations 

In the eBook you'll get details on how five organizations — a hospital, a law firm, a public broadcasting station, a local government, and a web hosting provider — each grapped with ransomware infections and recoveries that were anything but simple. In addition, you'll see the attacks broken down into timelines and learn key takeaways from infections that can help your company avoid a similar fate. 

You can download your copy of the eBook here, or read a little more about the five companies highlighted inside it below:

How one ransomware attack cost a Buffalo, NY hospital $10,000,000

  • Victim: Erie County Medical Center
  • Ransomware: SamSam
  • Date of Attack: April 9, 2017
  • Length of recovery: More than six weeks
  • Cost of recovery: $10,000,000
  • Attack fallout:
    • 6,000 computers wiped, restored, and redistributed
    • Patient notes written and circulated by hand for 4 weeks
    • 2 weeks without electronic patient registration and limited access to email
    • 3 weeks without electronic communication with the hospital lab
    • A full month without electronic prescribing


Click to expand

How one of the world's largest law firms was paralyzed by Petya

  • Victim: DLA Piper
  • Ransomware: Petya / NotPetya (technically a wiper)
  • Date of Attack: June 27, 2017
  • Length of recovery: At least two weeks
  • Cost of recovery: Millions
  • Attack fallout:
    • Full day without phones
    • 6 days without email
    • 2 weeks without access to key documents


How ransomware took San Francisco's PBS station offline

  • Victim: Public TV and radio station KQED
  • Ransomware: Mole
  • Date of Attack: June 15, 2017
  • Length of recovery: Over a month
  • Cost of recovery: Undetermined
  • Attack fallout:
    • 12 hours of dead air on the station's online broadcast
    • Loss of pre-recorded segments
    • 2 weeks without email
    • TV broadcast moved to nearby university studio
    • Loss of access to the station's content management platform and access card system


How ransomware cost an Idaho county $100,000

  • Victim: Bingham County, Idaho government
  • Ransomware: Samsam
  • Date of Attack: February 15, 2017
  • Length of recovery: Estimated to be a year or longer
  • Cost of recovery: $100,000
  • Attack fallout:
    • Complete rebuild of servers
    • Every department in the county affected
    • $3,500 in paid ransom
    • Emergency dispatchers had to use physical maps to direct officers
    • Thousands of radio transmissions, calls, and police reports logged manually


Behind the largest ransomware payout in history

  • Victim: Web hosting provider Nayana
  • Ransomware: Erebus
  • Date of Attack: June 10, 2017
  • Length of recovery: Over a month
  • Cost of recovery: $1,000,000 in paid ransom, total cost undetermined
  • Attack fallout:
    • Data on 153 servers encrypted
    • Websites belonging to 3,400 customers affected
    • Affected customers issued 3 months free service and 30% discount in perpetuity
    • Customers with unrecoverable data loss given free service in perpetuity

Need to convince executives just how serious a ransomware infection can be?

This eBook can help. Download The True Cost of Ransomware here.

Jonathan Crowe

Jonathan Crowe

Jonathan covers the latest threats and cybersecurity trends from a practical perspective.


The True Cost of Ransomware

5 Companies, 5 Attacks, and the Reality of Recovery.

Get my eBook


Stay informed!

Get the latest security news, tips, and trends straight to your inbox.

Stay informed!

Get the latest security news, tips, and trends straight to your inbox.