ABC Corporation is an import and export company that has been in business for over two decades. The company has over 20 staff on payroll, and relies heavily on its IT infrastructure to manage operations, supply chain, and financials. They have invested heavily in their IT infrastructure over the years. However, in 2021, the company suffered a severe ransomware attack that caught them off guard.
Incident:
The attack was initiated when an employee clicked on a malicious link in an email that looked legitimate. This action triggered the installation of ransomware on the computer node, which then spread to the network drive, encrypting files on the server as well. The ransomware encrypted all their critical data, including customer information, financials, and supply chain data. The attackers demanded a ransom of $50,000 in cryptocurrency in exchange for the decryption key. The company refused to pay the ransom, hoping they could restore their data from backups. However, to their dismay, they discovered that their backups were outdated, and the most recent backup was over two weeks old. This meant they had to retrace two weeks of all business operating documents, and rebuild their systems and data from scratch, causing significant downtime and losses.
Solution:
After the attack, the company engaged Entrust Network Services, an ISO 27001 certified IT consulting firm specializing in cybersecurity and data backup and recovery solutions. The IT consulting firm assessed the damage caused by the ransomware and provided recommendations for preventing future attacks. The consulting firm recommended implementing a robust backup and recovery solution that includes cloud backup, data replication, and data deduplication technologies to ensure that data is continuously backed up and available for recovery in the event of an attack.
The IT consulting firm implemented a three-tier backup and recovery solution. The first tier involved cloud backup, where all data was backed up to the cloud at regular intervals. The second tier involved data replication, where data was replicated to a secondary site in real-time. The third tier involved data deduplication, where redundant data was removed from backups, reducing the backup storage requirements and speeding up the recovery process.
Results:
The implementation of the backup and recovery solution was successfully launched at the start of 2022, and the company hasn’t experienced any data loss or downtime due to cyber-attacks since then. Periodic restoration exercises were successfully conducted and the company can now recover from any cyber-attack within minutes, minimizing any potential downtime and losses. The company also implemented a robust employee cybersecurity awareness training program to ensure that employees are aware of the risks associated with cyber-attacks and how to prevent them.