400 Blvd Curé-Labelle, #304 Laval QC H7V 2S7 Canada
+1 450-681-3009

Ransomware Detected!

Written by Phil Nussbaum

We got hit!

At Namtek Consulting Services, we use the same QBR Business Continuity solution (Quick Backup Recovery) that protects our customers’ IT assets, software and hardware, in order to protect our own 8 servers and numerous workstations. We do so because we’ve seen firsthand how powerful and trustworthy this solution is.

On Thursday morning, we sustained a ransomware attack at 8:58 AM that brought down the server used by our programmers where 14 years of program source code is stored. At that moment in time, all of Namtek’s important folders were encrypted with ransomware, rendering everything completely inaccessible.

A new text file, which was added to the root directory, provided instructions on how to pay the ransom demanded in order to obtain a decrypter file to get back the frozen or encrypted data.

Was this a DISASTER? Not for us! Nobody here so much as even batted an eyelash.

A couple of clicks, here and there, and off goes a bare metal restore.

The bare metal restore restored the system to factory settings and then restored the entirety of all virtual and physical drives to the last backup: in our case about 350GB, automatically backed up 9 hours earlier at midnight. (QBR does automatic backups where the backup interval is set by the user. Two copies are made each time – one on premises and the other off-site, to the Cloud.)

Once the restore process was started, there was nothing to do except wait for it to complete. It took 80 minutes from start to finish: 10 minutes to realize that we’d been hit and 70 minutes for the bare metal restore to finish.

Everything was back to normal, and we were able to continue as if it had never happened.

Important:

Even if you pay the ransom and get the ransomware crook’s decrypter file to resolve the problem, the logistics could take hours to complete, during which time the system’s users are at a standstill, unable to function without the IT infrastructure they rely upon, day in day out.

Relying on a file backup is even worse. Say you have a backup of all files, databases etc. that you have on your server. The ransomware has infected system areas not included in any file backup. In this case, either new replacement equipment is called for or you are unfortunately faced with a lengthy manual reset and setup of the current equipment. Either way, the downtime is huge and the losses can be great. Don’t take a chance – don’t get hit!

Your best solution is the QBR Business Continuity Service, powered by Datto, provided by Namtek Consulting Services. 

Call us immediately at 450-681-3009 or visit us at Quick-Backup-Recovery.com

You can even email me personally at Phil@namtek.ca

Read original article on LinkedIn today by Phil Nussbaum
