• Solutions
    • Managed Detection and Response (MDR)
      • Security Information and Event Management (SIEM)
      • Network Detection & Response (NDR)
      • Endpoint Detection & Response (EDR/XDR)
    • Advanced Threat Detection
    • Cyber Threat Intelligence (CTI)
    • Continuous Threat Monitoring
    • Security Orchestration, Automation, and Response (SOAR)
    • Professional Services
  • ShieldVision™
  • By Use Case
    • Security Compliance & Regulations
    • Security Architecture
    • Vulnerability Management
    • Network Monitoring
    • Email Security
    • Digital Risk
  • Industries
  • SOC
    • SOC Team
    • ShieldVision™
    • Compliance
  • Visibility Triad
  • Knowledge Center
    • Blog
    • Cybersecurity Fundamentals
    • Threat Briefs
    • Client Stories
    • Use Cases
    • Webinars
    • CISO Newsletter
  • Partners
    • Managed Service Provider (MSP)
    • Technology Partners
  • Company
    • About Lumifi
    • News & Press Releases
    • Meet the Team
    • Executive Briefing Center
    • Contact Us
    • Careers – we're hiring!
  • Talk to an Expert
  • Solutions
    Lumifi ShieldVision™
    ShieldVision is Lumifi’s proprietary technology. It is a singular, multi-tenant platform that increases interoperability between elements of the SOC visibility triad and enables clients to react to threats and breaches more effectively, resulting in fortified security environments and optimized business.
    Explore the Platform.

    Solutions

    Managed Detection & Response (MDR)
    Security Information & Event Management (SIEM)
    Network Detection & Response (NDR)
    Endpoint Detection & Response (EDR/XDR)
    Advanced Threat Detection
    Threat Hunting
    Cyber Threat Intelligence (CTI)
    Continuous Threat Monitoring
    Vulnerability ManagementSecurity Orchestration, Automation, and Response (SOAR)Professional Services

    Use Cases

    Network MonitoringEmail SecurityCloud SecurityDigital RiskSecurity & ComplianceSecurity Architecture

    Industries

    HealthcareLegalFinanceManufacturingEnergy & Utilities View All
  • SOC

    Security Operations Center

    People
    SOC TeamAnalystContentEngineeringResearch & Development
    Technology
    ShieldVision™
    Lumifi's proprietary technology
    Process
    Compliance Security Operations Center (SOC) 2 Type IINIST 800-171
  • Visibility Triad
  • Knowledge Center

    Knowledge Center

    Cybersecurity Fundamentals
    BlogThreat BriefsCase StudiesCISO NewsletterWebinars
    FEATURED RESOURCES
    Cloud Security Posture Management (CSPM) Explained: How to Address Cloud Infrastructure RisksRead More »
    Illuminating Blind Spots with the Visibility TriadRead More »
    What is SaaS Security Posture Management (SSPM) and Why is it Important?Read More »
    FEATURED THREAT CONTENT
    July 1, 2024
    MOVEit Authentication Bypass (CVE-2024-5806)
    May 7, 2024
    ToddyCat is Making Holes in your Infrastructure
    April 18, 2024
    Mitigating Risk: Understanding Vulnerabilities in the Ivanti Product Suite
    View all »
  • Partners

    Our Partners

    Managed Service Providers (MSP)Technology Partners
    SIEM
    EDR/XDR
    NDR
    Digital Risk
    Data Management
    Collect and analyze log data from every corner of your organization. Pinpoint security events and launch detailed investigations in response. Gather and correlate data from across your entire IT infrastructure to find and analyze threats with customized detection rules.
    Gain real-time insight into endpoint threats and block malicious activity before it leads to business disruption. Secure your organization’s laptops, desktops, and mobile devices with best-in-class solutions configured to counter the latest threats.
    Catch attackers after they gain entry to your network. Analyze network traffic to prevent lateral movement and leverage behavioral data to gain security insights. Eliminate blind spots in your network and catch malicious insiders before they have a chance to attack.
    Digital risk encompasses the potential harm or loss arising from cyber threats, data breaches, compliance and legal issues, and reputational risks, necessitating proactive management strategies, including the use of advanced cybersecurity tools and best practices, to safeguard organizations in the dynamic digital landscape.
    As data volumes surge, managing them within budget constraints can be challenging. Explore how our portfolio prioritizes your data in your management strategy. Gain the choice, control, and flexibility needed to navigate the tension between data growth, budgets, and resources effectively.

  • Company

    Company

    About LumifiPress Release & NewsMeet the Team
    Executive Briefing CenterContact UsCareers - We're Hiring!
    Certification

    SOC 2 Type 2

    SOC-2-Type-2 Logo
Talk to an expert
CASE STUDY

How Lumifi Rescued a Healthcare Company from a Devastating Ransomware Attack and Transformed Their IT Infrastructure

Executive Summary

A healthcare company with multiple service locations experienced a severe ransomware attack that completely shut down their systems. Lumifi, alongside other partners, BOK and Solytics Partners, provided critical project and remediation services. This case study explores how Lumifi's intervention not only resolved the immediate crisis but also transformed the healthcare company's IT infrastructure, significantly enhancing their security posture.

Client Background

Company Size: 500 Employees

Industry: Healthcare

Locations: 11 service locations, 2 corporate locations

What happened?

A large healthcare company fell victim to a ransomware attack on all their systems. Leadership was alerted in the middle of the night when the attack took place. Employees could not access their files, there were ransom notes on computers, the entire environment was down and the company was forced to operate without immediate access to patient information and other valuable resources accessible through infected devices.

Challenges

The healthcare company had an IT department but lacked a Security Operations Center (SOC) for monitoring. This lack of protection left them vulnerable to a ransomware attack, which occurred unexpectedly in the middle of the night. The entire system was down, and no one could access files, bringing the business to a standstill.

Specific Challenges:

  • No SOC monitoring in place.
  • Complete system shutdown with ransom notes on computers.
  • The need for immediate forensic analysis and recovery.
  • Insufficient hardware and reliance on web-based technology.
  • Data recovery and system reconfiguration.

Challenge Impact:

  • Employees were sent to brick-and-mortar stores to purchase as many laptops as possible in attempt to gain access to patient data. Some employees brought in personal devices.
  • Email was offline for a week and a half because of the attack, many employees used personal emails.
  • Employees had to save documents on a USB and take them to a printer if they needed something printed.

Lumifi's Intervention

Initial Response:

  • Emergency Call: Upon discovering the ransomware attack, the healthcare company contacted their bank (BOK), which referred them to Lumifi.
  • Immediate Actions: Lumifi's team got involved to assess the situation and provide immediate support.

Steps Taken:

  1. Collaboration with IT Forensic Experts: Brought in an incident response firm for forensic analysis.
  2. Onboarded New Devices with Updated Security: Educated employees on how to securely use devices purchased by the healthcare company to replace infected devices.
  3. System Monitoring: Installed Palo Alto Cortex XDR to enable SOC monitoring by Lumifi.
  4. Device Management: Increased the number of monitored devices to about 463.

Long-term Solutions:

  • New Cloud Infrastructure: Solytics designed a new cloud infrastructure with virtual desktops and cloud servers, eliminating the risk of hardware failure.
  • Software Transition: Transitioned from on-premises Microsoft Exchange to cloud-based Microsoft 365.
  • On-Site Support: Sent personnel to assist with logging in and using the new systems.
  • Policy Customization: Worked with Lumifi SOC to customize security policies using Solytics.

Results

Recovery and Improvement:

  • Rapid Recovery: Despite initial chaos, patient data was recovered within days, and full operational recovery was achieved within three to six weeks.
  • Enhanced Security: Implemented continuous monitoring and improved security measures to prevent future incidents.
  • Infrastructure Overhaul: Migrated to a robust, cloud-based infrastructure, reducing the risk of future attacks and hardware failures. Full migration was achieved about five months after the incident.

Quantifiable Outcomes:

  • Device Management: 463 devices now monitored by Lumifi’s 24x7x365 SOC
  • Operational Efficiency: Significant reduction in downtime for future incidents.

Client Sentiment:

  • Before: IT was isolated and undervalued. There was a lack of awareness regarding the importance of cybersecurity.
  • After: Increased awareness and trust in IT security measures. Lumifi is now seen as a trusted advisor, and there's a stronger focus on continuous improvement in security.
Healthcare Ransomware Case Study

Industry

Healthcare

Company Size

500

Technology Partners

Share This

📣  Announcing:

Lumifi Acquires Critical Insight

We’ve expanded our MDR capabilities with enhanced incident response and security services to better protect against evolving cyber threats.

Learn More
1475 N Scottsdale Rd STE 410 
Scottsdale, AZ 85257 
877.388.4984
©2024 Lumifi Cyber
All Rights Reserved
Visit our TwitterVisit our LinkedIn

Solutions

Managed Detection & Response
Security Information & Event Management (SIEM)
Network Detection & Response (NDR)
Endpoint Detection & Response (EDR/XDR)
Advanced Threat Detection
Threat Hunting
Vulnerability Management
Cyber Threat Intelligence (CTI)
Continuous Threat Monitoring
Security Orchestration, Automation, and Response (SOAR)
Professional Services

Use cases

Security & Compliance
Security Architecture
Network MonitoringEmail Security
Digital Risk
Cloud Security
Visibility Triad
ShieldVision™

PARTNERS

Technology Partners
Managed Service Providers

KNowledge Center

Cybersecurity Fundamentals
Blogs
Threat Briefs 
Client Stories
Webinars

COMPANY

About 
Meet the Team
Careers
Press Releases & News
Contact Us
Privacy PolicyTerms & ConditionsSitemapSafeHotlineLumifi Trust Center
closeprintfacebookenvelopelinkedinangle-downxingpaper-planepinterest-pwhatsappcommentingx-twittermagnifiercrossmenuchevron-down linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram