ROCK help not for profit.jpg

Client Result

How ROCK helped a not-for-profit recommence operations within one hour of a Ransomware attack having taken down their organisation

ROCK were contacted by a UK based charity with several overseas operations following a ransomware attack at their head office that had brought multiple teams within it's office to a halt. Having already invested in preparatory work for a number of disaster recovery situations with a consultant from ROCK; the charity were soon back at 100% operational efficiency.

Share On:

At a glance

  • Full backup restored across organisation within 47 minutes
  • Infected machines isolated and cleansed at ROCK’s head office

The situation

When a ransomware attack successfully infected several devices at CharityCo*, they feared they’d be inoperative for several days or even weeks. Fortunately, ROCK had put backups in place following the development of a continuity strategy several months prior.


  • Audit networks in their entirety – including endpoints – to identify locations off all company data
  • Implement three backup solutions, one made to virtualised infrastructure, one to on-site storage media and another to unnetworked media kept off-site
  • Develop and test robust restoration procedures for a variety of foreseeable circumstances


Following ROCK’s Security Operations Centre having identified that CharityCo’s infrastructure had been compromised, infected devices were ring-fenced to prevent the ransomware infection spreading further. Whilst we were able to do so successfully, a significant portion of key data had already been encrypted.

Having prepared a precise strategy that was to be followed under such circumstances, though, ROCK was able to restore data – including individual user-profiles and files – to a number of unused machines from virtualised backups.

As a result of the preparatory work that ROCK had undertaken, infected devices had been isolated and all data had been restored within just 47 minutes. CharityCo had initially feared they would suffer a significant period of downtime following this attack. Instead, in less than an hour, it was as if no incident had taken place.

ROCK collected infected devices later the same day before cleansing them at our head office and returning them to the client completely cleaned, after only a few days.

*We value our clients and their right to a confidential consultation. While the name has been altered, the results are real.

More Insights

best place to work IT thumbnail.jpg

How we built the best place to work in IT


View more
hotel of the future thumbnail.jpg
Digital Transformation

Hotels of the future: how IoT can transform the hospitality industry


View more
Jane Onboarding Thumbnail 700x500.jpg
Performance Improvement

IT onboarding at ROCK


View more
data set amal thumbnail.jpg
Digital Transformation

Why data set amalgamation is key to superior decision making


View more

Hello, welcome to the ROCK live chat.

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now