Case Study: North American city government eradicates ransomware and restores critical services with Mandiant

Modern Ransomware And Incident Response Solutions

Government Agency was hit by a ransomware attack after an adversary exploited a weak network password, threatening critical services such as 911 dispatch and tax administration. The agency engaged Mandiant (Mandiant Consulting), leveraging the existing FireEye technology stack including FireEye Endpoint Security and FireEye Network Security and Forensics, to investigate, contain, and remediate the incident.

Mandiant deployed remote monitoring, sent incident responders and a reverse engineer onsite within one day, and neutralized the ransomware over a two-week engagement. Mandiant then rebuilt systems, delivered a Ransomware Defense Assessment and tabletop exercises, and recommended controls (network segmentation, least-privilege access, backup testing, MFA). After adopting Mandiant Managed Defense, the agency saw Mandiant block a new ransomware variant within 30 days and continues to use Mandiant for 24x7 detection and response.