Ransomware does not discriminate. You might have heard horror stories when a company or even a city has had its data held hostage by ransomware. You might have even felt empathy, but chances are you probably also thought “It could never happen to me!”. Sadly, this is wishful thinking these days, as we’ve seen businesses of all sizes fall victim to ransomware.

A Small Business Held Hostage

At the beginning of May ACS was contacted by a local family-owned machine shop. The company has been in business for over 40 years with 15 employees, 13 of whom are family members. As an organization, they don’t rely as heavily on technology as other industries, but their day to day operations do require invoicing, email, and an industry line of business applications that assists with shipping labels and an on-site machine.

The Worst Case Scenario

For a number of years, this organization relied on an independent contractor to come in occasionally to assist with any computer issues. During the last week of April, this company found out the hard way that you can never be prepared enough for the worst-case scenario. The company found themselves attacked with ransomware. Within minutes their thriving organization was brought to a complete standstill. All of their PCs and servers had been infected and were locked. The only thing their computers could do was display an image alerting the employees that they need to pay 2 Bitcoin (Approx $15,000) to unlock their machines.

ACS was contacted and technicians were immediately dispatched to help assess the situation. The company was in a rough spot both from the complete lockdown on all their operations, but also from the disarray that in which their previous IT consultant had left them. None of the computers had anti-virus software and after some investigation, there was no server back up to be recovered. The owners assumed that because they were a small family business they would never be susceptible to an attack like this.

ACS worked closely with the company’s insurance provider and found that luckily, they did have cyber insurance to cover a ransomware attack. The hard drives were removed from the computers along with the server to be shipped to their insurance company. Their insurance company had a specialized division who works solely on paying ransomware demands and then attempts to extract data from hard drives before destroying them. Even though the insurance company paid the ransom, they were unable to recover any of the company’s data.

$25,000 to replace infrastructures

Major Costs

With one mouse click, this business was not only hit with significant downtime which caused them to miss a customer deadline, but they also had to write a check for roughly $25,000 to replace all of their infrastructures. Even with the ransom paid and the data cleared, the insurance company assessed that none of their old hardware could be reused and instead recommended replacing everything. Luckily, ACS was able to begin the process of getting the company back up and running by overnighting computers and ordering a replacement server. Within 4 days ACS had all new PCs installed, a new server built, and a robust backup/disaster recovery solution implemented. And of course, ACS installed new anti-virus software.

It Can Happen to Anyone

Ransomware does not discriminate. Whether your business is small, medium, or enterprise-level, you can still be hit with ransomware that can affect your operations within minutes. All you can do is encourage all staff to be mindful while in the office and keep the following tips in mind:

  • Ensure that all computers have up to date anti-virus software, make sure to validate backups, and perform test restores on an ongoing basis.
  • Don’t open any emails that look questionable.
  • Keep away from websites that are not business-related.
  • Continue to educate employees on risks and known signs of malware.
  • Look at security monitoring services to quarantine attacks before they spread.

If you don’t know how to begin this process let ACS be your guide. We provide network security consulting and solutions to safeguard against these attacks. The team at ACS will be more than happy to look at your network and make the appropriate recommendations. If you have any questions please contact Chris Mackin at cmackin@acs.com or 508-238-6334.