SMEs are increasingly targeted by cybercriminals. In the current issue of “Meine Firma”, AXA’s customer magazine for SMEs, the head of an architecture firm, that was exposed to a ransomware attack, shares his experience. Tobias Ellenberger, COO Oneconsult AG & Vice Chairman Oneconsult International AG, assesses the situation from the perspective of a cyber security expert and explains why such incidents are not uncommon.

Read the article (available in German only) to learn more about the consequences of the cyberattack in the case of the architecture firm and what options you have to mitigate the impact and protect against such attacks:

The OCINT-CSIRT (Oneconsult International Computer Security Incident Response Team) has already assisted and supported various companies that have experienced similar incidents as the architecture firm in dealing with ransomware or comparable attacks. SMEs in particular do not consider themselves to be the primary target of cybercriminals and usually do not have their own cyber security resources. It is therefore even more important that appropriate experts are contacted as soon as possible in the event of an emergency. In case of an attack, the OCINT-CSIRT can support you in identifying infected systems, initiating short-term measures to contain the incident and determining the cause of the infection, among other things, and is available to provide advice and assistance throughout the course of the incident – up to the return to normal operation. An essential part of this is also the development of an action plan, not only to deal with the current incident, but also to prevent future incidents in the best possible way and to be prepared should they nevertheless occur. As is also made clear in the article, solid preparation still provides the most effective means of protection. Thus, rather than waiting until an incident occurs, it is advisable to contact an expert in advance and use expert support to prepare for possible attack scenarios.

For more details about the individual Incident Response services, please check this website.