Baptism by fire: Ransomware Play forced us to 'party' for three days and two nights

They say, “What doesn't kill you makes you stronger.” Blue Dynamic we would sign up for it. In the past few days we have verified that we are strong and we have to withstand any turbulence. What's the talk about? Our servers have become targeted by cyberattackers spreading ransomware Play. And it wasn't exactly a game we'd buy tickets to enthusiastically. It was a game that literally didn't let us sleep. “Players” signed under the Play ransomware won't come up with a raspy “Come, sir, we'll play.” They want straight data. And he's not afraid to blackmail. But you know what? We managed it, defended all our clients and came out of the fight even stronger. So -- it has a happy ending, but the road to it wasn't lined with rose petals.

Cyberattacks grow like mushrooms after rain, and cyberattackers are as resourceful as high school students at copying at quarter-time -- understand: more than enough. Like chameleons, they adapt to the latest trends in securing and always come up with something new. Ransomware is one of the most common cyber attacks. It is targeted by companies and government agencies.

Three days and two nights — blood, toil, sweat and tears

Our fight lasted three days and two nights. And we've been through everything. It cost us blood, toil, sweat and tears after Churchill. But it has a happy ending. We made it. They found out a lot about ourselves — like we're stronger than we expected... and also...

• that what at other times takes you years, you can under pressure to manage in a single night
• that confronting the cyber threat together has revealed more about our team than perhaps many would like — some offer help, some work to the detriment, some look out for their own
• You will only know the true meaning of “crisis management” when you are really in a crisis
• that even in what is at first glance a disaster, one can find The Seed of Something Good -- maybe we Discover a new business opportunity — stay tuned
• that contacting the Police may sound like a good idea at first, but do we really want the remaining functional servers to become evidence?

What did we take away from the cyberattack experience?

In the context of a cyberattack, a whole series of questions land on your desk that you never thought you would ask. What is Acceptable Risk? And how to distinguish him from the unacceptable? But you know what? We managed to do this and protect our clients from cyberattack - and that is the main thing for us. We're stronger, we're more prepared, it's still us, but richer by tremendous experience.