Anti-Ransomware Incident Response Harbour Center Port Inc.
Harbour Center Port Terminal, Inc. (HPCTI) was incorporated and registered with the Securities and Exchange Commission (SEC) on May 13, 1996 to operate port facilities and other maritime activities regarding port operations and shipping, which acts as a private commercial port in Manila under licenses issued by the Philippine Ports Authority in 1995. HPCTI was attacked by ransomware back in 2020. As files and data were encrypted by ransomware, and production was paused, HPCTI urgently looked for a ransomware solution.
Ransomware Infections, Propagation
- A certain amount of VMs were infected by ransomware. Files were encrypted, data were unrecoverable, production environment was forced to pause.
- Ransomware continued to spread over the network, bypassed the detection and blocked out existing firewall and endpoint security software.
Incompetent Third-party Backup Software
- Previous backup files generated by existing backup software were automatically found and deleted by ransomware.
- More backup files remained in danger as ransomware hasn't been removed.
Insufficient Security Specialist
- HCPTI was having a hard time dealing with the ransomware incident. They have been heavily depending on the existing security appliances. Once those appliances were bypassed, production became vulnerable immediately.
- Customer: Harbour Center Port Terminal, Inc. (HPCTI)
- Industry: Logistics
- No. of Staffs : 300+
- Location: Philippines
- Ransomware Infection
- Ransomware Propagation
- Incompetent third-party Backup Software
- Sangfor vNGAF
- Sangfor Endpoint Secure
- Sangfor Hyper-Convergence
- Mitigate the ransomware infection, No More 2nd Attack
- Intensify ransomware detection and defense
- Backup data and file, making them recoverable at any time
- Focused ransomware solution with extra services