Case Study: How T&S Survived a Ransomware Attack

Authors

  • Yusfrizal Yusfrizal Universitas Potensi Utama
  • Alvin Syahrin Universitas Potensi Utama
  • Heri Gunawan Politeknik Gihon
  • Verawati Doloksaribu Politeknik Gihon
  • Darma Indra Gultom Politeknik Gihon

DOI:

https://doi.org/10.59934/jaiea.v4i3.1096

Keywords:

Ransomware, Cybersecurity Resilience, Data Encryption, Cloud Backup

Abstract

This case study explores the experience of Tools and Solutions (T&S), a small business that encountered a devastating ransomware attack and successfully restored its operations through strategic resilience. Initially exposed due to inadequate cybersecurity measures, T&S became a target for attackers who encrypted critical data and disrupted business continuity. Through prompt crisis management and long-term reforms, including cloud-based backup solutions, the implementation of the Odoo ERP system, employee cybersecurity training, and the application of the NIST Cybersecurity Framework, T&S enhanced its cybersecurity stance. This case underscores the vital preventive strategies necessary to mitigate ransomware threats, particularly for small and medium-sized enterprises, by integrating technology, policy development, and employee education. T&S’s transition from vulnerability to resilience serves as a beneficial model for organisations aiming to strengthen defences against increasingly sophisticated cyber threats. The findings highlight that cybersecurity is not just a technological issue but an organisation-wide discipline that requires ongoing investment and diligence.

Downloads

Download data is not yet available.

References

Abawajy, J. H. (2014). User preference of cyber security awareness delivery methods. Behaviour & Information Technology, 33(3), 237–248.

Alharthi, S., Cerotti, D., & Rajarajan, M. (2020). Cyber security risk assessment for SMEs: A novel approach. International Journal of Critical Infrastructure Protection, 29, 100339.

Conti, M., Dehghantanha, A., Franke, K., & Watson, S. (2018). Internet of Things security and forensics: Challenges and opportunities. Future Generation Computer Systems, 78, 544–546.

Duan, Y., Faker, P., Fouchereau, F., & Thomas, H. (2012). Overcoming ERP project obstacles: The role of integrative risk management. Industrial Management & Data Systems, 112(4), 484–500.

Egele, M., Scholte, T., Kirda, E., & Kruegel, C. (2017). A survey on automated dynamic malware-analysis techniques and tools. ACM Computing Surveys (CSUR), 44(2), 6–42.

Hadlington, L. (2017). Human factors in cybersecurity; examining the link between Internet addiction, impulsivity, attitudes towards cybersecurity, and risky cybersecurity behaviors. Heliyon, 3(7), e00346.

Hashizume, K., Rosado, D. G., Fernández-Medina, E., & Fernandez, E. B. (2013). An analysis of security issues for cloud computing. Journal of Internet Services and Applications, 4(1), 5.

Kharraz, A., Robertson, W., Balzarotti, D., Bilge, L., & Kirda, E. (2015). Cutting the Gordian knot: A look under the hood of ransomware attacks. International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, 3–24. Springer.

National Institute of Standards and Technology. (2018). Framework for Improving Critical Infrastructure Cybersecurity (Version 1.1). NIST.

Nguyen, K., Nwokedi, S., & Gajbhiye, A. (2017). Mitigating cybersecurity risks for small businesses: Recommendations and strategies. Journal of Small Business Strategy, 27(2), 71–84.

Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., & Jerram, C. (2017). Determining employee awareness using the Human Aspects of Information Security Questionnaire (HAIS-Q). Computers & Security, 42, 165–176.

Richardson, R., & North, M. M. (2017). Ransomware: Evolution, mitigation and prevention. International Management Review, 13(1), 10–21.

Scaife, N., Carter, H., Traynor, P., & Butler, K. R. (2016). Cryptolock (and drop it): Stopping ransomware attacks on user data. 2016 IEEE 36th International Conference on Distributed Computing Systems (ICDCS), 303–312.

Shinde, P., & Patil, S. (2020). A review on ransomware attack: Evolution, defence and challenges. International Journal of Computer Sciences and Engineering, 8(4), 132–138.

Small Business Trends. (2019). Ransomware is most common malware threat for small business. Journal of Small Business Cybersecurity Research, 3(2), 10–18.

Verizon. (2021). 2021 Data Breach Investigations Report. Verizon Enterprise Solutions.

von Solms, R., & van Niekerk, J. (2013). From information security to cyber security. Computers & Security, 38, 97–102.

Wangen, G., Hallstensen, C., & Snekkenes, E. (2018). A framework for estimating information security risk assessment method completeness. International Journal of Information Security, 17(6), 681–699.

Downloads

Published

2025-06-15

How to Cite

Yusfrizal, Y., Syahrin, A., Gunawan, H., Doloksaribu, V., & Gultom, D. I. (2025). Case Study: How T&S Survived a Ransomware Attack. Journal of Artificial Intelligence and Engineering Applications (JAIEA), 4(3), 2082–2086. https://doi.org/10.59934/jaiea.v4i3.1096

Issue

Vol. 4 No. 3 (2025): June 2025

Section

Articles

License

Copyright (c) 2025 Journal of Artificial Intelligence and Engineering Applications (JAIEA)

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.