This case study explores how Tools and Solutions (T&S), a small business, addressed and recovered from a major ransomware attack that jeopardised its operational continuity. The attack took advantage of significant weaknesses in the company’s cybersecurity framework, including outdated software, a lack of adequate employee training, and missing regular backups. Consequently, vital business data got encrypted, operations were interrupted, and the organisation faced the tough choice of whether to pay the ransom or attempt data recovery. The study outlines the prompt crisis management actions taken by T&S, which included incident documentation, stakeholder communication, and data recovery through manual means. Additionally, it details the long-term cybersecurity improvements that followed, such as the adoption of cloud-based backup systems, the rollout of the Odoo ERP system, the application of the NIST Cybersecurity Framework, and the establishment of employee training programmes. By detailing each stage of the company’s evolution, the case demonstrates how a small business built resilience through integrated policy reforms, infrastructure enhancements, and cultural shifts. The study also underscores important lessons regarding data redundancy, risk management, and organisational readiness. It offers a practical roadmap for small and medium-sized enterprises aiming to bolster their cybersecurity posture against increasing ransomware threats.
| Published in | American Journal of Information Science and Technology (Volume 9, Issue 2) |
| DOI | 10.11648/j.ajist.20250902.17 |
| Page(s) | 148-154 |
| Creative Commons |
This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited. |
| Copyright |
Copyright © The Author(s), 2025. Published by Science Publishing Group |
Ransomware Incident Response, Cybersecurity Resilience in SMEs, Cloud-based Data Backup Strategies, NIST Cybersecurity Framework Implementation, Organisational Recovery After Cyber Attacks
| [1] | Abawajy, J. H. (2014). User preference of cyber security awareness delivery methods. Behaviour & Information Technology, 33(3), 237-248. |
| [2] | Alharthi, S., Cerotti, D., & Rajarajan, M. (2020). Cyber security risk assessment for SMEs: A novel approach. International Journal of Critical Infrastructure Protection, 29, 100339. |
| [3] | Conti, M., Dehghantanha, A., Franke, K., & Watson, S. (2018). Internet of Things security and forensics: Challenges and opportunities. Future Generation Computer Systems, 78, 544-546. |
| [4] | Duan, Y., Faker, P., Fouchereau, F., & Thomas, H. (2012). Overcoming ERP project obstacles: The role of integrative risk management. Industrial Management & Data Systems, 112(4), 484-500. |
| [5] | Egele, M., Scholte, T., Kirda, E., & Kruegel, C. (2017). A survey on automated dynamic malware-analysis techniques and tools. ACM Computing Surveys (CSUR), 44(2), 6-42. |
| [6] | Hadlington, L. (2017). Human factors in cybersecurity; examining the link between Internet addiction, impulsivity, attitudes towards cybersecurity, and risky cybersecurity behaviors. Heliyon, 3(7), e00346. |
| [7] | Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of security issues for cloud computing. Journal of Internet Services and Applications, 4(1), 5. http |
| [8] | Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., & Kirda, E. (2015). Cutting the Gordian knot: A look under the hood of ransomware attacks. International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, 3-24. Springer. |
| [9] | National Institute of Standards and Technology. (2018). Framework for Improving Critical Infrastructure Cybersecurity (Version 1.1). NIST. |
| [10] | Nguyen, K., Nwokedi, S., & Gajbhiye, A. (2017). Mitigating cybersecurity risks for small businesses: Recommendations and strategies. Journal of Small Business Strategy, 27(2), 71-84. |
| [11] | Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., & Jerram, C. (2017). Determining employee awareness using the Human Aspects of Information Security Questionnaire (HAIS-Q). Computers & Security, 42, 165-176. |
| [12] | Richardson, R., & North, M. M. (2017). Ransomware: Evolution, mitigation and prevention. International Management Review, 13(1), 10-21. |
| [13] | Scaife, N., Carter, H., Traynor, P., & Butler, K. R. (2016). Cryptolock (and drop it): Stopping ransomware attacks on user data. 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), 303-312. |
| [14] | Shinde, P., & Patil, S. (2020). A review on ransomware attack: Evolution, defence and challenges. International Journal of Computer Sciences and Engineering, 8(4), 132-138. |
| [15] | Small Business Trends. (2019). Ransomware is most common malware threat for small business. Journal of Small Business Cybersecurity Research, 3(2), 10-18. |
| [16] | Verizon. (2021). 2021 Data Breach Investigations Report. Verizon Enterprise Solutions. |
| [17] | von Solms, R., & van Niekerk, J. (2013). From information security to cyber security. Computers & Security, 38, 97-102. |
| [18] | Wangen, G., Hallstensen, C., & Snekkenes, E. (2018). A framework for estimating information security risk assessment method completeness. International Journal of Information Security, 17(6), 681-699. |
APA Style
Majumdar, P. (2025). Case Study: How T&S Survived a Ransomware Attack. American Journal of Information Science and Technology, 9(2), 148-154. https://doi.org/10.11648/j.ajist.20250902.17
ACS Style
Majumdar, P. Case Study: How T&S Survived a Ransomware Attack. Am. J. Inf. Sci. Technol. 2025, 9(2), 148-154. doi: 10.11648/j.ajist.20250902.17
Share This Article
Twitter
Linked In
Facebook
Copy
Download@article{10.11648/j.ajist.20250902.17,
author = {Partha Majumdar},
title = {Case Study: How T&S Survived a Ransomware Attack
},
journal = {American Journal of Information Science and Technology},
volume = {9},
number = {2},
pages = {148-154},
doi = {10.11648/j.ajist.20250902.17},
url = {https://doi.org/10.11648/j.ajist.20250902.17},
eprint = {https://article.sciencepublishinggroup.com/pdf/10.11648.j.ajist.20250902.17},
abstract = {This case study explores how Tools and Solutions (T&S), a small business, addressed and recovered from a major ransomware attack that jeopardised its operational continuity. The attack took advantage of significant weaknesses in the company’s cybersecurity framework, including outdated software, a lack of adequate employee training, and missing regular backups. Consequently, vital business data got encrypted, operations were interrupted, and the organisation faced the tough choice of whether to pay the ransom or attempt data recovery. The study outlines the prompt crisis management actions taken by T&S, which included incident documentation, stakeholder communication, and data recovery through manual means. Additionally, it details the long-term cybersecurity improvements that followed, such as the adoption of cloud-based backup systems, the rollout of the Odoo ERP system, the application of the NIST Cybersecurity Framework, and the establishment of employee training programmes. By detailing each stage of the company’s evolution, the case demonstrates how a small business built resilience through integrated policy reforms, infrastructure enhancements, and cultural shifts. The study also underscores important lessons regarding data redundancy, risk management, and organisational readiness. It offers a practical roadmap for small and medium-sized enterprises aiming to bolster their cybersecurity posture against increasing ransomware threats.
},
year = {2025}
}
TY - JOUR T1 - Case Study: How T&S Survived a Ransomware Attack AU - Partha Majumdar Y1 - 2025/06/16 PY - 2025 N1 - https://doi.org/10.11648/j.ajist.20250902.17 DO - 10.11648/j.ajist.20250902.17 T2 - American Journal of Information Science and Technology JF - American Journal of Information Science and Technology JO - American Journal of Information Science and Technology SP - 148 EP - 154 PB - Science Publishing Group SN - 2640-0588 UR - https://doi.org/10.11648/j.ajist.20250902.17 AB - This case study explores how Tools and Solutions (T&S), a small business, addressed and recovered from a major ransomware attack that jeopardised its operational continuity. The attack took advantage of significant weaknesses in the company’s cybersecurity framework, including outdated software, a lack of adequate employee training, and missing regular backups. Consequently, vital business data got encrypted, operations were interrupted, and the organisation faced the tough choice of whether to pay the ransom or attempt data recovery. The study outlines the prompt crisis management actions taken by T&S, which included incident documentation, stakeholder communication, and data recovery through manual means. Additionally, it details the long-term cybersecurity improvements that followed, such as the adoption of cloud-based backup systems, the rollout of the Odoo ERP system, the application of the NIST Cybersecurity Framework, and the establishment of employee training programmes. By detailing each stage of the company’s evolution, the case demonstrates how a small business built resilience through integrated policy reforms, infrastructure enhancements, and cultural shifts. The study also underscores important lessons regarding data redundancy, risk management, and organisational readiness. It offers a practical roadmap for small and medium-sized enterprises aiming to bolster their cybersecurity posture against increasing ransomware threats. VL - 9 IS - 2 ER -
Department of Computer Science, Kalinga University, Raipur, India
Information