Sales: 0845 470 4001 | Support: 0845 230 6001 | Contact Form | NPS

Restoring critical data in three days following a cyberattack

Restoring critical data in three days following a cyberattack

The Challenge

In Q3 of 2024, the CEO of a UK-based bank received an email from a ransomware group, informing him that the bank's data had been encrypted and would be released on the dark web unless a ransom demand was paid. Although several insurers and consultants were engaged to resolve the situation, the slow response times made it clear that an alternative approach would be needed.

Finally, in order to minimise the resulting downtime and resume operations as soon as possible, without giving in to the criminals' ransom demand, the organisation engaged Exponential-e to restore and secure their critical servers. With even the shortest period of downtime resulting in serious financial and reputational damage, a team of incident response specialists immediately began the restoration process, aiming to have the bank's systems back online in days rather than weeks.

The Solution

The restoration process began with a thorough audit of the IT ecosystem to establish which servers had been impacted, after which the affected VMs were powered down. A new, fully isolated VDC was created to store these VMs once they were recovered, along with a completely new firewall zone.

With the affected servers restored into this new VDC zone, firewalls were established to allow for the most basic access, after which malware scans were conducted. These scans continued for two days, during which the customer was granted initial access to the servers via a temporary SSL VPN with Azure MFA, allowing them to resume operations in just three days.

At this point, Zerto replication was set up for the new VMs, while Exponential-e simultaneously engaged with the third party that was conducting a forensic investigation. 

Connectivity was soon re-established for the customer's other offices, at which point users were brought back online. Firewall logs were provided for the forensic team, along with initial access to VM images via vCloud Director.

Finally, a test rebuild of the affected VMs was conducted and finalised within two days, and additional firewall policies established.

Exponential-e has repeated variations of this process for multiple other organisations affected by ransomware attacks, allowing them to resume operations as quickly as possible and ensure their critical infrastructure is secured against future attacks. 

The Result

Ongoing communication between all parties involved ,including a dedicated team of incident response specialists at Exponential-e with a defined action plan ensured a seamless restoration process. Day-to-day operations resumed in just seven days, without paying the criminals' ransom demand.

Don't wait for a crisis to expose the cracks, fortify your defences today. Discover how expert response turned seven days of chaos into operational recovery.

  76 Hits

Is the NHS 10 Year Plan fit for the future when it comes to cyber security?

nhs-digital-transformation-cybersecurity-critical-infrastructure

The recently released NHS 10 Year Health Plan is part of the Government's mission to build a health service fit for the future. Setting out how the government will reinvent the NHS through three radical shifts: hospital to community, analogue to digital and sickness to prevention.

  243 Hits

'Frictionless' shopping and the rebirth of the high street

Frictionless-shopping_

We've been hearing about the impending demise of the high street for years now, ever since online shopping and click-and-collect established themselves as part of our day-to-day lives. And yet, while brick-and-mortar retail has certainly been through a great many challenges and upheavals, it doesn't show any sign of going away quite yet. Rather than simply expecting customers to be content with previous generations' shopping experiences, the sector has demonstrated considerable ingenuity by taking full advantage of emerging technologies to deliver the kind of personalisation that would previously have been the sole preserve of online platforms.

  435 Hits

Smart spaces and the new guest experience - rethinking the network’s role in hospitality

Hospitality-Smart-Spaces_BlogHeader

Across the Hospitality & Leisure sector, from pubs to five-star hotels - guests' expectations have evolved in ways that would have been impossible to imagine just a decade ago.

  382 Hits

The Exponential-e Group & the NFSP

blog-header--the-exponential-e-group-the-nfsp
Supporting the optimal availability of fire and emergency services through next-gen connectivity

About the Networked Fire Services Partnership (NFSP)

The Network Fire Services Partnership (NFSP) works to drive closer collaboration between fire & rescue services across Devon and Somerset, Dorset & Wiltshire, Hampshire & IOW, and Kent, operating out of four control rooms to maximise the effectiveness and availability of critical services across these regions.

The Challenge

With fire and emergency services, any downtime could cost lives, which means the quality of our underlying network and– in turn – the performance and availability of key platforms are top priorities for us.

Neil McKeever, NFSP Technical Lead

The NFSP utilises a Control and Dispatch (CAD) system to interlink its four control rooms, ensuring seamless, secure flows of data in order to maximise ease of communication and, in turn, deployment times. This system is constantly evolving to better serve citizens across the country and – ultimately – save lives.

In order to optimise the performance of the newest iteration of the CAD platform, a decision was made to split off the NFSP's underling network, utilising the existing network for day-to-day operations, while deploying a new, fully dedicated network for CAD applications

Following a competitive tender process, the Exponential-e Group's 20-year pedigree in the design and delivery of critical infrastructure, 

their experts' personal experience within a range of emergency services, and the inherent resilience of their self-owned, enterprise-class network made them a clear standout, and so they were selected as the NFSP's new networking partner, providing RO2 connectivity between the NFSP's control rooms, back-up control rooms, and the NEC data centres in which the new iteration of their CAD platform would be hosted.

Exponential-e's specialists immediately began working closely with the NFSP's own teams to establish the new network specifications and plan for a successful rollout of the new platform, while also preparing for the impending launch of the new Emergency Services Network (ESN).

The Solution

Thanks to Exponential-e's continued support, we're now in a good position for the upcoming launch of the ESN, which will open the door to further enhancements in the future.

Neil McKeever, NFSP Technical Lead

It was decided that the existing network would remain in place throughout the deployment of the new one, with the current CAD platform continuing to run on it. This would not only ensure any downtime could be completely avoided – an absolute necessity for a project of this nature – but also allow for a more intelligent, phased deployment process for the new platform, with ample scope to sandboxing, testing, and in-built redundancy until it was ready for a full-scale deployment, with the legacy platform phased out completely.

A dedicated account team took full responsibility for the design and the delivery of this new network, working with existing infrastructure where appropriate, and deploying completely new fibre where it was required. The project plan was designed so the NFSP could begin making use of individual connections as soon as they became available, in parallel with ongoing testing and deployment processes, ensuring the desired benefits could be realised as soon as possible.

This involved the most rigorous standards of performance and availability, in order to support real-time communications between the NFSP's control rooms, their colleagues, and all citizens who would need to make contact for any reason. Exponential-e's role in the Government's ESN project is critical here, ensuring the NFSP will be able to begin making use of this UK-wide network's capabilities as soon as it launches, further enhancing communication, collaboration, and responsiveness for frontline emergency service workers across the country.

Exponential-e are set to continue working with the NFSP in the years ahead, ensuring the underlying network continues to support the seamless delivery of fire and emergency services, maximising the number of lives saved.

Solution Benefits 

  • Highly resilient, highly secure R02 connectivity between four control rooms, their back-ups, and NEC data environments, optimising the performance and availability of a key control and command platform
  • Hands-on consultation and support from a dedicated team of networking experts with years of hands-on experience across the emergency services
  • A phased deployment process, managed by a dedicated account team, minimising operational disruption and maximising time-to-value
  • Hands-on support from the only privately-owned British company involved in the UK Government's ESN project
  242 Hits

Tackling cyber security blind spots in healthcare

blog-header-tackling-cyber-security-blind-spots-in-healthcare

For many Chief Information Security Officers (CISOs), the first challenge isn't stopping a breach, it's knowing where the breach could even happen. Healthcare IT estates are some of the most complex and fragmented in the public sector.

  529 Hits

Reflecting on the 2025 BSA Conference - Modernising the Mutual

reflecting-on-the-2025-bsa-conference-modernising-the-mutual_blogheader

Having returned from the BSA Conference 2025, it was clear that building societies are navigating a critical juncture - balancing their relationship-led service models while addressing the urgent need to modernise outdated systems and improve operational efficiency. Given the current geopolitical climate, and the increasing pace of innovation, developing a strategy that not only solves immediate challenges, but offers sufficient scope to tackle future issues, can often seem like a moving target.

  557 Hits

NCSC warns of IT helpdesk impersonation trick being used by ransomware gangs after UK retailers attacked

IT-HEL2

The UK's National Cyber Security Centre (NCSC) has warned the IT helpdesks of retailers to be on their guard against bogus support calls they might receive from hackers pretending to be staff locked out of their accounts.

  76543 Hits

Streamlined management, unparalleled protection: How SASE is ushering in the third generation of network security

blog-header-streamlined-management-unparalleled-protection

The security of enterprise networks is a critical priority for all organisations across the public and private sectors, as they are forced to contend with an increasingly turbulent cyber threat landscape. As a result, network teams increasingly find their roles overlap with their organisations' cyber security strategies, with numerous siloed elements now converging.

  1253 Hits

Legal firms who do not embrace cloud technology solutions and leading-edge cyber security will risk their reputations in the months ahead

Legal-firms-who-do-not-embrace-cloud-technology-solutions-and-leading-edge-cyber-security-will-risk-their-reputations-in-the-months-ahead

In light of numerous dramatic shifts in the geopolitical landscape in recent months, this blog has reiterated the need for organisations across all sectors to strengthen and - if necessary - reconsider their cyber security postures, in order to prepare for the anticipated attacks by global bad actors. The legal sector is no exception, particularly as these attacks are anticipated to specifically target the most high-value data.

  3146 Hits

Why Legal firms are the natural home of hybrid Cloud infrastructure

b2ap3_large_blog-header-why-legal-firms-are-the-natural-home-of-hybrid-cloud-infrastructure

Although digital transformation amongst Legal firms has typically been comparatively slow compared to other sectors, the journey has picked up speed over the course of the last decade.

  2040 Hits

Offering clients the ultimate peace of mind – a new approach to security and remediation for legal firms

legal-remediation-offering-clients-the-ultimate-peace-of-min_20250410-144713_1

Although the sector as a whole has traditionally been comparatively wary of the ever-increasing pace of technology, legal services are increasingly data driven, with an abundance of AI-related discussion emerging within legal technology circles. The core Document Management Systems (DMS) and Practice Management Systems (PMS) remain the centre of focus for how and where to deploy a variety of rapidly maturing SaaS platforms, or dedicated, highly customised suites.

  1376 Hits

The new breed of seamless, secure cashflow emerges: Ensuring your organisation is prepared for the payments revolution

the-new-seamless-secure-cashflow-emerges-ensuring-your-organisation-is-prepared-for-the-payments-revolution
We make payments, large and small, every day of our lives. From paying our bills and making payments to friends online, to the large-scale bank transfers that help business flow. Money changes hands through a wider range of channels and platforms than ever before, to the extent the days of cash-in-hand being the default payment model are a fading memory for many of us. The convenience and flexibility can't be disputed, but as with any emerging technology, the new flows of data must be given careful consideration, ensuring businesses and customers alike can rest assured that their money will remain secure throughout every stage of every transaction.
  1071 Hits

The Hidden Barrier to Digital Transformation that Insurers must be Ready to Overcome

the-hidden-barrier-to-digital-transformation-that-insurers-must-be-ready-to-overcome

Digital transformation continues to pick up pace across the financial sector. However, in spite of the potential benefits on offer, many insurance firms continue to lag behind their peers in terms of their overall digital maturity. 

  1049 Hits

Preparing for DORA: What do these new regulations mean for finance and insurance firms?

preparing-for-dora-what-do-these-new-regulations-mean-for-finance-and-insurance-firms
When it comes to insurance and financial services, the ability to offer clients peace of mind is the key to ensuring the sector's continued longevity. Cyberattacks are evolving in frequency and sophistication, with criminals selecting progressively more ambitious targets, and even minor IT outages, whether they're caused by human error or 'acts of God', will have a serious effect on firms' operations, negatively affecting both profitability and brand reputation. With this in mind, firms must reconsider the way they approach operational resilience, particularly regarding the way access rights for critical systems and data are managed.
  1338 Hits

Balancing safety, security, and unforgettable welcomes in the Pub of the Future

blog-header-Balancing-safety-security-and-unforgettable-welcomes-in-the-Pub-of-the-Future

Like many longstanding institutions, Britain's world-renowned pubs are undergoing their own digital transformation journey, utilising leading-edge technologies to offer truly personalised experiences to patrons of all ages and backgrounds - from longstanding regulars visiting for their usual pint, to families looking for a meal, and young professionals working on the go. It's an exciting time for the sector as a whole, but at the same time, the drive for modernisation must not come at the expense of patrons' safety and enjoyment.

  1700 Hits

UK Government proposes ransomware payment ban for public sector

uk-government-proposes-ransomware-payment-ban-for-public-sector

The UK government has proposed extending its ban on ransomware payments to cover the entire public sector in an attempt to deter cybercriminal attacks and protect taxpayers.

  62376 Hits

Talking, listening, optimising: rethinking the customer journey in the new era of AI

talking-listening-optimising-rethinking-the-customer-journey-in-the-new-era-of-ai
In the contact centre, the customer journey is everything. Every potential point of interaction must be carefully considered, with systems and processes established to maximise the chances of a fast, satisfactory resolution.
  1028 Hits

The importance of knowing your legacy systems

the-importance-of-knowing-your-legacy-systems

The level of legacy debt varies widely across the NHS and a recent report from the Department of Science Technology and Innovation (DSIT) has revealed that legacy technology can range from as little as 10 to as much as 60-70%. This reliance on outdated systems presents a significant cyber security challenge, heightened by the fact that 15% of surveyed organisations could not estimate the size of their legacy estate. The report also highlights that these systems are high-risk, prone to security vulnerabilities, lack support, and subject to operational failures.

  846 Hits

£3 million fine for healthcare MSP with sloppy security after it was hit by ransomware attack

3-million-fine-for-healthcare-msp-with-sloppy-security-after-it-was-hit-by-ransomware-attack

A UK firm has been hit by a £3.07 million fine after being hit by a ransomware attack that exposed sensitive data related to almost 80,000 people, and disrupted NHS services.

  79807 Hits