Xtium Resolves Cryptolocker Virus Ransomware Attack
No company is safe from the onslaught of cryptolocker virus ransomware attacks. The unfortunate nature of these attacks is that human error and simple mistakes can allow entry to a cyberattacker and can render files and systems useless. That’s precisely why companies concerned about the cryptolocker virus, ransomware of all types, and other forms of malware should consider the secure cloud alternatives available to them. Recently, as we explain briefly below, an Xtium hosting client learned just how important this protection can be.
The situation in question involves an Xtium healthcare customer who was hit by a cryptolocker virus ransomware attack in May. The attackers were able to successfully encrypt many of the client’s production files, thus preventing the client’s employees from accessing important information and systems. The infection was caused when an employee unintentionally clicked on an email containing the cryptolocker virus. Ransomware attacks of this nature are common, and are exactly what Xtium’s response team was prepared for.
In this situation, Xtium’s backup solution prevented the potentially paralyzing effects of the cryptolocker virus ransomware. The client’s data was proactively protected through an extensive series of isolated, offsite backups and replication into our geographically redundant secure cloud environment. In addition to creating daily midnight backups, we capture data snapshots around the clock on a rolling 15-minute schedule. This creates a library of 96 backups every 24 hours from which the client’s systems can be recovered. Further, an independent supplemental data backup procedure, using a different backup methodology, backs up the client’s environment each night as an added measure of protection against data loss.
Unfortunately, although rapid incident response is critical, it is common for cryptolocker virus ransomware and other cyberattacks to go unnoticed at first. It is often several hours later that the company realizes that it has been attacked. In this particular case, the healthcare firm realized rather quickly that an attack had occurred and alerted the Xtium response team. Using the isolated offsite backups, we were prepared to restore the client’s production systems within 20 minutes. However, to minimize data loss, the response team conducted an immediate manual analysis of the backup file library to identify the recovery point closest to the point of impact (when the files were encrypted). Within an hour and twenty minutes, the team had pinpointed the first sign of data corruption and was prepared to bring back the client’s environment with minimal disruption to the business.