An Aussie ransomware attack – 36 hours later…

Andrew Cunningham, CEO of Data Central, an Australian managed service provider, spent 36 hours last week rebuilding systems after a catastrophic ransomware attack on an unnamed customer.

The initial demand was for US$75,000 in bitcoin – the customer decided not to pay.

Andrew had been in discussions with the victim (who wishes to remain anonymous) for some time.  The victim had been moving offices and decided to wait until the relocation was complete before updating security and backup infrastructure.

But a hacker breached their current security app (a household name product) and launched the ransomware attack on Monday night. By morning, all systems were infected. Backups were unrecoverable. All files were encrypted and could not be restored. All but two PCs and servers were infected with ransomware.

“Fortunately, we had installed Comodo advanced endpoint protection (AEP) on two PCs as part of a trial and proof of concept for the customer – and the only two machines with zero infection were running Comodo,” said Andrew.

“That is the best endorsement for a security solution in a real-world, side-by-side comparison against a live ransomware attack. If I hadn’t seen it, I would not have believed it.”

He added:  “I first spoke to Comodo earlier this year as they were setting up their Australian operations. The local team of Ian Clarke (technical pre-sales) and Greg Wyman (sales) walked us through their solution and quite frankly we were concerned it was perhaps more ‘marketing hype’ than actually working technology.

“We did our due diligence, tested it and found that the Comodo auto containment technology and Valkyrie (the Comodo artificial intelligence engine) worked flawlessly in every test we threw at it.

“The ability to stop all files from allowing malicious writes to the hard disk, COM Interface and Registry are truly game changing, and no other security product has this functionality or how Comodo delivers superior prevention of malware from breaching an endpoint.”

He added:  “We had deployed Comodo Advanced Endpoint Protection to almost every customer, and thank goodness we did.

“Until you see first-hand the devastation that a ransomware attack causes, you can’t believe the pain. I have just gone through almost 36 hours with almost no sleep. The customer’s business has been dreadfully impacted.

“It could have all been avoided if we had deployed Comodo before they moved to the new office. It wasn’t even a financial issue, as the Comodo AEP solution is less expensive than most competitors.”

Data Central is now deploying Datto backup and disaster recovery to provide an even higher level of recoverability for the customer.

Final word from Andrew Cunningham: “My one suggestion to every business is ‘deploy auto containment and Valkyrie before it is too late’. We are happy to help any customer who is running ‘traditional’ anti-virus, next gen anti-virus or even EDR product as those products simply cannot stop the new attacks.”

Headquartered in Clifton NJ, Comodo’s global development team and threat intelligence laboratories deliver innovative, category leading, security solutions for thousands of companies’ endpoints, network boundaries, and internal networks. For more information visit