How an attack shut down a company (and what we can learn)

Total
0
Shares
0
0
0
0

It looked like a normal Monday at a small accountancy firm. 8:45 a.m. Staff turned on their computers, opened the invoicing software and… nothing worked. Files were encrypted, the server was unreachable and a red warning appeared on screen:

“Your data has been locked. To recover access, send €3,000 in cryptocurrency.”
The company had just been hit by ransomware — malicious software that blocks access to files until a ransom is paid.

1. How the attack began

Days earlier, an employee received an email that seemed to be from the tax authority.

Subject: “Overdue invoice — please settle payment.”

Without suspecting anything, they opened the attachment — a PDF that looked harmless.

In reality, it was the start of the infection. The malware installed silently, spread across the network and, once triggered, encrypted everything.

2. The immediate impact

  • All client files became inaccessible.
  • Backups were on the same server and were encrypted too.
  • Months of work vanished in minutes.
  • The firm was completely down for three days: unanswered clients, missed tax deadlines and a panicked team.

3. The mistake that enabled disaster

  • No structured security policy.
  • No up-to-date anti-virus.
  • Backups stored locally, with no off-site copies.
  • Staff had no training on phishing or good digital practice.

All the attackers needed was one careless click.

4. How they recovered

Fortunately, not everything was lost.

An external technician found an old backup on a USB drive that wasn’t connected to the server.

Some data was restored, but roughly two months of work were lost.

After the incident they implemented:

  • Automatic cloud backups (off-site).
  • Centralised, up-to-date anti-virus.
  • Security awareness training for staff.
  • Two-factor authentication (2FA) on all remote access.

5. Lessons learnt

  • A single email can open the door to an attack — always check senders and attachments.
  • Never store backups in the same place as the originals — use off-site or cloud copies.
  • Updates and anti-virus are essential — outdated systems are vulnerable.
  • Training is the first line of defence — an alert colleague can prevent a disaster.

Conclusion

This scenario happens every day in organisations of all sizes.

The good news: most attacks can be avoided with simple measures:

  • basic training
  • off-site backups
  • regular updates
  • extra care with suspicious emails.

Cybersecurity isn’t just technology. It’s prevention, habit and responsibility.

Learning from others’ mistakes is the best way to avoid our own.

Total
0
Shares
Share 0
Tweet 0
Pin it 0
Share 0

Leave a Reply

Your email address will not be published. Required fields are marked *

You May also Like