At about two o’clock in the morning, Ben Chase, principal consultant with Palo Alto Networks, received a phone call that a client’s network had been locked up and their business was at a halt.
A threat actor had deployed the ransomware payload and encrypted virtually all of the client’s environment, including all of their viable backups.
When the client first noticed the unauthorized software running on one of their servers that looked very suspicious, being that it was a cloud-based file-sharing software, they started looking around and saw it on a few other servers.
That was when they realized they had a real problem. That's when they called Unit 42.
Watch the video now to see how Unit 42 helped the client investigate and respond to the ransomware incident.
For a more detailed overview, read the full story here.