Menu

If you suspect an active attack on your business, call our emergency hotline at: 612-399-9680
If you suspect an active attack on your business, call our emergency hotline at: 612-399-9680
An attacker gained access to a logistics company’s VPN network through a phishing email scam. The attacker went undetected for months, wired approximately $300,000 from the company’s bank account into their personal account, and set off a ransomware attack that encrypted all of the company’s computer assets. BTA set up camp on site and devoted more than 300 man hours. We had the business back up and running in just three days and reimaged 300 workstations in five days.
The President of a construction company realized he wasn’t receiving financial emails from clients. He contacted his MSP to investigate, and while they did find and remove some suspicious email forwarding rules, they did not find them all. The attacker attempted to steal money from a client, but fortunately the wiring instructions contained an error, which alerted the company that the attack was still ongoing. The BTA team came in and was able to identify and remove the well-disguised email forwarding rules. We implemented measures to harden the company’s email service and validated that the attacker had not gained access to anything other than email.
A manufacturing company realized they had unknowingly been under attack for months when $700,000 was moved out of their company bank account in error. They then realized they also weren’t receiving payments from some customers. It turns out an attacker was rerouting payments to a personal account. BTA was called in for rescue services. We evicted the attacker, delivered containment, and the company has not had another cybersecurity issue in more than 12 months since following our remediation recommendations.
A company that produces point-of-sale systems for major retailers was the victim of a ransomware attack. Roughly 90 percent of their 100 servers were encrypted by the attack, and they actually saw the attacker at work trying to delete their backup jobs. In this emergency situation, the BTA team went to a 24-hour schedule to contain the outbreak and limit further damage. We took their entire production environment offline and restored everything from their SAN snapshots. We evicted the attacker, changed all of their passwords, conducted a full Office 365 review, and got them back up and running within a work week.
Contact
Emergency Hotline 612-399-9680
General Number
612-888-9674
Mailing Address
1360 University Ave Ste 104 Unit 122
St. Paul MN 55104