Ransomware attacks have been making international headlines, and St. Louis cyber security threats are all too real. See how one local business survived a ransomware attack with the help of proper IT support.
In late June, malware struck companies in the U.S., Europe, and the Middle East. This massive attack, a variant of the Petya family of ransomware, infected thousands of systems. This was on the heels of the largest global ransomware attack in history, WannaCry, the consequences of which are still being tallied months later.
In a ransomware attack, cyber criminals infect a computer or network with malware that encrypts data, rendering it unusable. They claim they will decrypt the data in exchange for a ransom, which is usually requested in the form of bitcoin. However, there is no guarantee that the data will be returned.
In light of these recent crimes and a spike in cyber attacks worldwide, ransomware protection is a hot topic. The International Police Organization (INTERPOL) recently held its annual security conference, INTERPOL World, which brings together law enforcement, security professionals, and technology providers. On the agenda was the mounting volume of cyber threats and the heightened importance of cyber security. St. Louis businesses need to tune in, too. Ransomware defenses, and other cyber security concerns, are as much local issues as they are international ones.
Just One Example of Ransomware in St. Louis
Earlier this year, a small business in the greater St. Louis area* experienced the severity of cyber security threats firsthand when ransomware infected its communications server. Luckily, when it was detected, the ransomware was confined to that device. The business’s IT support vendor detached the machine from the network, scanned it to remove the threat and returned it to the infrastructure after believing all instances of the threat had been identified and eradicated.
It had not! This time the ransomware spread throughout the network and locked up business-critical data on the primary fileserver. Because the company did not have a backup system in place, the IT vendor said it was unable to retrieve any data and suggested the only option was to pay the ransom.
The business owner was in a total panic at that point because every piece of client data for the entire business had been rendered unusable. The ransom was expensive. He knew that even if he paid it, he still risked receiving partial data, damaged data, or nothing at all. From an ethical standpoint, it felt like the wrong thing to do. Law enforcement recommends people not to pay the ransom as it encourages subsequent attacks.
The Road to Ransomware Recovery
The business owner wanted a second opinion. With a quick Google search, he found Anderson Technologies, a local St. Louis cyber security firm. He called and shared his story. Mark Anderson and his team agreed to do their best to help. Luke Bragg, senior system administrator at Anderson Technologies, went onsite, assessed the situation, and conducted a deep inspection. He discovered the ransomware had infected most of the drive but upon further investigation identified previously hidden copies of company data that were untouched. After successfully removing the ransomware Luke recovered every single file.
The ransomware recovery process took two days, but in the end the Anderson Technologies team retrieved all the company’s data, onboarded it to its managed IT services program, put new cyber security preventative measures in place, and implemented a reliable approach to backing up all the company’s files.
This is an extraordinary story and certainly not the norm. Unfortunately, plenty of businesses are attacked by ransomware from which they cannot recover. However, this example illustrates two important points:
- Businesses must take ransomware protection seriously with cyber security. In St. Louis cyber criminals attack companies big and small.
- The skill and experience of your IT partner affects the outcome of your ransomware recovery process.
This story could have had a different ending if the company chose a less experienced IT firm. Should your company be in a bind, choose a partner with a proven track record.
Anderson Technologies is a St. Louis cyber security company that specializes in ransomware protection and recovery. For more information on our services, email info@andersontech.com or call 314.394.3001 today.
*To protect this business’s privacy, we have omitted its name and any identifying details.