What we can learn from this company’s attitude to a ransomware attack
Ransomware attacks are a major plague for many companies with the rise of technology. Being prepared and preventing these attacks from being worse is possible.
Spectra Logic is a data warehousing company based in Boulder, Colorado. One more of the many companies that suffered a ransomware attack last year, but unlike other companies, they were able to avoid having to pay the ransom demanded by the hackers.
In full quarantine, in May 2020, the Spectra Logic company was the victim of a computer attack. “We got some notifications of some system crashes and they quickly turned into many unrelated system crashes, which is really abnormal“, explains Tony Mendoza, the senior director of IT of the company to ZDNet.
They understood that it was an attack and that their files were being encrypted. With most employees working from home, it was difficult to alert about what was happening in the offices. The first reaction was disconnect and unplug all data centers and servers so that the attack does not spread to the entire infrastructure.
Three-quarters of the production environment was compromised with ransomware. The hackers identified themselves in a ransom note in which they reported that the ransomware was NetWalker and demanded a payment of $ 3.6 million in bitcoins in exchange for the key to recover all the encrypted data.
Spectra Logic had a very important lifeline, had backups that were separate from the rest of the network and that they had not been affected by the attack. The IT team, by assessing the damage and seeing that they still had material to continue working with, was able to avoid paying the ransom.
Quick reaction and backups were two key points to fully protect the company against this attack. Cybersecurity experts advise against paying hackers, that positions the company as a possible future payer and condemns them to suffer more attacks.
Spectra Logic had cyber insurance that could have covered the ransom payment. This would be the simplest option in an attack of this type. However, the cybercriminals could have taken the money, only to come back with a second attack. The option of not paying and using backup copies is a more certain answer for the future.
Instead of contacting cybercriminals, the company opted for avisar al FBI, which assigned a team of specialists to help Spectra Logic deal with the immediate aftermath of the attack over the course of the following days.
Almost a week working around the clock to restore key parts of the infrastructure and almost a month to recover the less essential aspects and ensure that the attackers could not spread the ransomware again on the system. The company assures that, more than six months later, they are still concerned about security, but all their employees are now more aware of the importance of avoiding phishing or any other type of attack.
As users, we can also learn from the attitude of this company in the face of a cyber attack. We can reinforce security in advance with Backups; give more importance to know the different dangers what’s on the net and how to act; and in the event of an attack, ask the authorities for help.