It takes a moment and IT is turned upside down: Suddenly, you are faced with huge, seemingly insurmountable problems. A best-practice report from practical experience.

Guest post by Oliver Brückner.

A shrill tone breaks through the morning routine. The call that brings everything to a standstill. IT systems encrypted – thrown back into the Stone Age overnight. To zero. What was just a functioning company is now a shadow of itself.

No access to customer data, no sending of emails, no invoices. Pen and paper become the only alternative, but that’s not enough. Anyone who has ever faced the consequences of a cyber attack knows this crushing powerlessness.

I have experienced it myself.

IT is also a gateway

About the general challenges

IT security faces the challenge of continuously adapting to new threats, as cybercriminals develop increasingly sophisticated attack strategies.

At the same time, companies must ensure that their security measures do not restrict user-friendliness in order to enable productive work. Due to the increasing networking and the increased use of cloud technologies, it is also becoming increasingly difficult to protect sensitive data from unauthorized access.

The Situation – A Company on the Brink

Experienced at a medium-sized company, which serves around 50,000 customers. With an average annual turnover of around 60 million euros. With a stable basis – until this day.

  • Cause: A known security vulnerability in the mail server. The company had installed patches – but it was not enough. The attacker had already gotten a foot in the door.
  • Incident: A complete encryption of all customer and company data.
  • Consequences: Standstill of all processes. Customers whose business processes depend on the company are suddenly paralyzed. Invoices are missing, existences are at stake.
  • Damage: Very high reconstruction costs. In addition, there is the image damage, countless overtime hours, chaotic rework from notes, customer losses, burnouts, overload notifications and much more.
Startup image

The long way back

 Due to the complete encryption and the uncertainty of how long the attackers had been in the system, the firewall was replaced, a comprehensive revision of the network concept was carried out, and adjustments to the IP ranges were made. A second central storage for the server infrastructure was added, as the old servers continued to run in isolation for forensic analysis. 

To avoid another incident within a few months, we completely reconfigured all servers. All company data was individually restored from the backup and checked for viruses before being played back.

After more than two months, we were able to ensure a regulated emergency operation with basic functions. It wasn’t until seven months later that normal operations were running smoothly again. In total, it took us more than a year and a half to complete all the follow-up work.


Our Approach

To detect future attacks at an early stage, we have introduced a threat detection system (TDS) and linked it to a Security Operations Center (SOC). This allows all security-critical events on servers and clients to be monitored in real-time and countermeasures to be taken immediately in the event of threats.

These events are distinguished by their criticality and evaluated by IT security experts around the clock. To meet the highest security standards, we have consistently implemented all the requirements of an ISO-27001 certification.

Sensitivity to the issue is the first step.

In system houses, one often hears the sentence: Nothing will happen. But reality shows: It happens. And when it happens, then often with a force that can bring companies to the brink of existence.

But from this crisis arose an awareness: in Mecklenburg-Vorpommern, there was almost no one who really had in-depth knowledge of current IT security practices. Many relied on firewalls and backups – but that alone is by no means enough. Therefore, I decided to proactively offer my knowledge and experience. This is how my company came into being, with the goal of raising IT security to a new level.

Founders of VA Defence, Oliver Brückner

My Drive – IT Security as a Foundation 

This experience has shaped my view on IT security. I see it not as an optional protection mechanism, but as an existential foundation for companies. As an IT service provider for critical infrastructures, we have made it our task to make networks and systems not only resilient, but also to plan them in such a way that even in the worst case, an orderly restart is possible.

Because one thing I’ve learned: IT security is not a product, it’s an attitude.

What we can do, what others cannot

Our expertise lies in not just relying on known solutions, but in considering IT security as a holistic process. While many system houses rely on standard solutions, we thoroughly analyze the individual infrastructure of a company.

Our strengths: 

  • Proactive Security Strategies: We think beyond standard solutions and design individual protection concepts.
  • Comprehensive Approach: We combine network security, virtualization, and disaster recovery to create a resilient environment.
  • Practical Experience: Through our work with critical infrastructures, we are familiar with the challenges and risks that companies face daily.
  • Crisis Management and Reconstruction: We know that good IT security not only prevents, but also prepares – for the worst-case scenario.

We do not only analyze vulnerabilities, but also implement the necessary measures to make networks more secure. Our range of services extends from the development and implementation of modern network concepts – physical and logical – to site networking using VPN and fiber optic solutions.

As IT security is a dynamic field, we also deal with various systems for attack detection as well as with current AI-based solutions that simplify internal processes and relieve employees. Our goal: not only to secure companies, but to offer them a real added value through smart technologies.

Recognize before the incident occurs.

Why companies are now betting on us

Rooted in Mecklenburg-Vorpommern, with north German quality and a clear focus on sustainability and future security – we stand for IT security solutions that go beyond standards.

Our advantages: 

  • Regional proximity, direct support: personal care
  • Practical experience: we are not only familiar with theoretical security concepts, but also test them under real conditions in a comprehensive test system
  • Hanseatic values: Quality, reliability, honesty and independent solutions are our top priority
  • Future-proof IT concepts: We rely on modern, scalable solutions that grow with your company. 

We are not just a service provider – we are your partner in IT security. Let us work together to ensure that your company remains protected – now and in the future.

Logo VA DEFENSE

VA DEFENSE

Wismar