More than 40 percent of businesses experienced at least one ransomware attack in the last year, according to a recent study by Malwarebytes. In the U.S., that number jumps to over 50 percent. Dennis Magbata, an IT administrator at TaylorMade, shared with us his story of a recent ransomware scare—and how having Code42 CrashPlan saved the day.
If you’re in IT and paying any attention to the news, it’s hard to go a week without reading about another high-profile ransomware attack. So I knew the threat was out there, but when I started getting calls from panicked users, I was still surprised.
The culprit was an email attachment that looked like an internal expense report. By the time we started getting the calls from users, more than 20 had already taken the bait—and dozens more weren’t sure if they had downloaded the attachment. The ransomware overwrote many of our files and even went beyond the endpoints, locking down the files on our network drives.
Facing a grim outlook
Without CrashPlan, we would have had to completely start over. We would have been looking at a best-case scenario of at least a week of painstakingly scanning each device and recovering each file, one by one. To make matters worse, we wouldn’t have been completely certain which devices were infected. So we would’ve had to wipe the devices of anyone who might have opened the attachment. This larger-scale recovery would’ve likely meant outsourcing the work to a third party—at an even higher cost.
This protracted restore effort would’ve left our users working on loaner laptops, without many of the files they need to get work done. Productivity would’ve taken a huge hit.
On top of all of this, we would’ve seriously considered paying the ransom. Which, of course, isn’t just an added cost—it’s adding fuel to the ransomware fire.
Backed up—and back in the game
Fortunately, we’ve been a Code42 CrashPlan customer for almost four years, so we knew right away that our data was backed up. We were able to start from scratch, wiping the infected devices and knowing that we had a clean restore from right before the ransomware hit.
Faster restore cuts IT time in half, gets users back to work days sooner
No cyber attack is ever a walk in the park—it’s always stressful; it always adds work for IT. But CrashPlan made it much easier and faster. I’d estimate that we cut our data recovery time in half. That meant fewer headaches for our IT team and significantly lower IT costs. The faster restore also meant we were able to give users their devices back—with their data—in a day or two, instead of a week or more.
Lesson learned: be certain
At TaylorMade, we spend a lot of time educating users on how to work in ways that support data security—how to spot suspicious emails, not clicking on unknown links or downloading unverified attachments. But anyone who has ever worked in IT knows users still click.
With CrashPlan, we know we’re covered. We’re not relying on our users to execute the backups, and IT isn’t handling manual backups for 1,200 users. If something happens, we don’t worry about when the latest backup happened—backup is continuous and automatic. I’m doing everything I can to keep ransomware from hitting us again. But if it does, I know we won’t be locked out. I know our users won’t be stuck without their devices and their data. And I know we won’t pay the ransom.