Struck by ransomware, an Auckland-headquartered specialist transport company was taken completely by surprise. After all, with systems secured by the latest antivirus and intrusion detection systems and multiple on-site backups, the last thing it expected was malware getting past all those defences. The first time round, unlocking data cost the company a cool $4,000. The next time it happened, the ransom demand was for far more - $15,000.
Fortunately, it was a case of ‘once bitten, twice shy’. In the aftermath of the first attack, the company implemented DataSure, provided by Verde as part of its Greentree ERP system resilience measures.
With this offsite, cloud backup in place, ransomware went from a potential disaster to a minor inconvenience.
The company’s director, who doesn’t want to be named, says being hit by ransomware came as a bolt from the blue. “You really don’t think this could happen to you, especially when you’ve got good systems in place, including industry-recognised anti-malware, fully up-to-date systems and even RAID on each server and double hard-drive backups. But believe me, despite all that, it can happen to you.”
He says an attachment made it through the company defences; someone clicked on it which let an intruder in. From there, the hacker disabled the company’s antivirus and other security measures, rendering them useless. Then the hacker encrypted all the company’s data.
“It was comprehensive. Even the backups – all of them – were locked up. Make no mistake, this malware was quite a smart thing.”
As is typical with ransomware, it wasn’t long after the infection that a demand came for payment. The first time it was for $4,000 and the company had no choice but to pay. “Four grand is a fair sum, but not enough to really hurt,” says the director. “So, we paid, and luckily, we were able to unlock the data and get back to work.”
Paying the ransom involved having to buy Bitcoin – itself a complicated exercise – and the obvious discomfort of forking money over to a criminal. And at the same time, the company’s information systems were locked up, impacting productivity as ‘business as usual’ can’t take place.
The process, however, alerted the director to the shortcomings of having all your eggs in one, on-premise, basket. As a result, no time was wasted in establishing a cloud backup with Verde’s DataSure.
Designed for the Greentree ERP solution in use at the transport company, it provides complete incremental cloud backups for up to two months with fully verified daily restores. This equips any company using Greentree and which suffers any sort of data loss or compromise, to simply roll the clock back.
“When the next ransomware made it through and we found ourselves locked out again, the hackers were greedier. The demand was for $15,000. That’s enough money to be a real problem.”
Now the director had an ace up his sleeve. He’d had DataSure implemented by Verde.
“Instead of coughing up 15 grand, all we did was wipe the server then reinstall it from a version prior to when the ransomware hit,” he says. It really was as simple as that – and it worked perfectly. One moment you’re locked out; the backup installs, and you’re in the clear.”
While the company had good security measures in place prior to this incident, the director says perceptions have changed. “Now we know that ‘good’ isn’t necessarily good enough. On-site backups have proven vulnerable; it’s not just our Greentree, but other company information is valuable too. We’ve put in place measures now for everything, including SharePoint and even protection for when employees accidentally delete stuff. It goes into the cloud, because that’s the one way we can be sure that if something happens, we’ll be OK.”
His advice to any Kiwi company is ‘be prepared’. “On-site isn’t foolproof and it isn’t enough; DataSure saved our bacon. Ransomware and cyberattacks don’t happen to someone else, sooner or later it will happen to you. And you really don’t want to have to pay money to criminals.”