Crawford’s striking example of a cyberattack

Lucas Bressanutti (pictured above), from Crawford & Company Australia’s cyber team, recently presented a webinar about cyber claims. The financial and forensic accountant provided an example of a ransomware attack his firm dealt with about 18 months ago.

“We had a firm call us on a Monday and they said, ‘On Friday we discovered a ransomware note on our system and it was Friday afternoon, so we thought we’d just leave it to Monday,’” he said.

Bressanutti said when the employees returned to work on Monday their entire system was compromised.

Dead in the water

“At this point, no data was accessible, everything had been encrypted, all applications were rendered inoperable, no computer would brute pass the ransomware note, so everything was completely dead in the water,” he said.

Bressanutti said the Crawford team discussed options with the firm, including whether they had backups and what a restoration process could look like. They also engaged forensic IT specialists who started their investigation on Monday night by taking images of all the servers.