Seafood Processing & Export
Seafood Processor Restores Operations in Under 90 Minutes After Ransomware Attempt
87 minutes
Total downtime when ransomware hit, measured from detection to line back in production.
0 lots lost
No traceability records or in-flight production data was lost during the incident.
4 attacks blocked
Email impersonation and credential phishing attempts blocked in the first six months after rollout.
100% MFA coverage
Every Microsoft 365 account is now protected with multi-factor authentication.
The challenge
The client operated with a single flat network shared between office computers, the labelling system, scales, and security cameras. Backups ran nightly to a single onsite drive. There was no centralized monitoring, no email filtering beyond the Microsoft 365 default, and no incident response plan. During a peak herring run, an attacker reached the shared drive through a compromised office laptop and began encrypting files. The processing line depended on labelling software that pulled from that same share.
What we did
- Deployed managed endpoint detection and response across every workstation and server, including the legacy PCs running labelling and scale software.
- Segmented the network into office, plant operations, security, and guest zones using managed switches and a UniFi gateway.
- Replaced the single onsite backup drive with a Datto BCDR appliance taking snapshots every fifteen minutes, replicated to the cloud nightly.
- Enabled multi-factor authentication and conditional access across the Microsoft 365 tenant.
- Layered advanced email security with impersonation detection in front of Microsoft 365.
- Documented an incident response runbook and ran a tabletop exercise with the leadership team.
“We were in the middle of our busiest week of the year when it happened. Fundy Tech had us back on the line before lunch. Without that backup appliance and their response, we'd have missed two shipments and probably lost a buyer.”