Ransomware attacks are ever-present, making planning ahead for ERP disaster recovery a critical step for every organization. Take this year. Attacks have ticked up in 2020 as businesses become ever-more reliant on remote work. Q1 2020 saw a 25% increase in overall attacks,1 while the average ransom payment rose 33% from Q4 2019, to $111,605. From governments to law firms to global manufacturers like Honda, no one is immune.
And if you think $111,605 is a lot of money to pay a bandit, you’d be right. Which is why it makes so much sense to plan NOW to avoid these scenarios. For a fraction of the cost you could be well prepared and protected. Unfortunately, too many businesses either don’t prepare, or worse yet, think they are prepared until they experience a ransomware attack and ERP disaster recovery becomes nearly impossible.
Such was the case with a manufacturing customer we worked with. Many have been in these same shoes, so truly it is just one of many examples we’ve encountered at Strategic over the years. In this case, the ransomware attack compromised all company systems, and took out company backups which were on the same network. Data loss was severe, and the business was closed for a few weeks to get everything sorted. That’s when they came to us.
Our team jumped into action, using an old backup on a thumb drive to restore what systems we could. We took over hosting, rebuilt their environment and got as much data back online as we could using their last backup. We got their QAD production environment online so they could open their doors and get back to doing work.
It was a full-team disaster recovery effort, from our MSERV “managed services” team to Strategic Consulting, and even the sales team got involved to upgrade some EDI systems that needed refreshing. Overall, we got the work done in two weeks for this customer. Other customers have been both faster and slower, since so much depends on the advance planning each company undertakes.
So, what is the “right way” to plan in advance to handle ransomware? It absolutely starts with employee training. Over 90% of data breaches are caused by human error,2 making cybersecurity training an absolute must. There are great online programs to be sure it’s done right and that likewise validate that employees truly understand it. Some systems even send fake phishing emails to test employees after their training and enroll them in remedial training if they fail. That is deterrent enough to make staff take online security seriously and recognize it as a personal duty each employee shares.
Beyond upfront training, it is essential that your ERP systems are set up, hosted and monitored in ways that protect you from the worst should a ransomware attack happen. We counsel our clients to maintain offline, offsite backups, so if ransomware attacks, they can initiate recovery without data loss. Remember that old thumb drive? We can do MUCH better.
If you’re worried about your on-premise environment, talk to us about getting a system Health Check. It is the best way to identify weaknesses and get a proposal for what changes are needed to protect your company should the worst strike. I would recommend doing that soon, because if life tells us anything, the worst happens when you least expect it.
1. Ransomware Has A New And Very Valuable Hostage In Sight: https://www.forbes.com/sites/bobzukis/2020/06/18/ransomware-has-a-new-and-very-valuable-hostage-in-sight/?sh=4035c0a0170f
2. The Importance of Training: Cybersecurity Awareness like a Human Firewall: https://www.entrepreneur.com/article/340838