What is your Disaster Recovery Plan (DRP)? Have you discussed it with your wider team or even your software partner to ensure its holiday-ready?

During the festive season, the risk of ransomware attacks heightens, making it crucial to have a comprehensive DRP in place. Without a robust plan or one that doesn't align with your specific needs, the consequences for your organization can be severe in the event of a cyberattack. Ensure your holiday season is worry-free by fortifying your defense against potential threats.

Real life stories:

At Professional Advantage, we have heard many stories of ransomware attacks. One particularly chilling one has prompted us to bring ransomware DRP woes to the foreground again with this blog.

This client was very proactive at backing up their solution and data. However, whilst their backup was not on the same server as their production environment, the two were connected. Imagine a house if you will: their backup was sitting behind a closed door in a cupboard. However, when the ransomware attack happened, they were able to encrypt not only their production environment but also their backup; when the burglar broke into the house, they ransacked the house and also opened the cupboard door to the backup.

The end result: they had been using their ERP solution for almost a decade, and all of that information was now lost to them. They are now forced to work from spreadsheets and paper documents, with previous time, money, and paper-saving workflows no longer existing. Their efficiencies have regressed before they implemented this solution.

This client had a DRP and was diligent with their backups, but that connection between the servers let them down. More worryingly, this connection seems to be more common in organizations than you would think.

If their backup had not been attacked, this organization could have been back up and running within a week. Instead, they are looking at being without a functioning ERP system for four months!

If the backup had remained, they could have reached out to PA, and we would have worked with the organization to re-install their financial solution and restore their backup. Instead, they are facing a brand-new implementation, which involves:

  • Ensuring the ransomware attack has not spread to other areas of the organization, ready to be released when a miscellaneous folder is opened.
  • Referring back to their original solution design document from when they first implemented the solution.
  • Completing workshops to tweak the solution that they now need from their original specifications.
  • Organizing a new environment:
    • The original, now encrypted, servers are useless, so new servers need to be purchased and set up.
    • This may start a conversation about moving to the cloud, which brings the future benefit of an upgrade to their DRP ensuring their backups are stored separately to their production environment.
  • Writing up their chart of accounts.
  • Designing their layouts for invoices, statements, and remittances.
  • Entering all their transactions from this financial year manually and hoping that they have everything available either electronically or in paper format to do that.

Why not just pay the ransom?

A ransom price was demanded from the attackers. However, an external cyber security team was brought in for assistance, and they confirmed that this particular attacker could take months to return their data, and it could be incomplete. It does seem counterintuitive of the attackers to not restore information on payment, as news of this habit obviously spreads and stops any future victims from paying.

The organization decided against paying the ransom.

The importance of cyber security insurance:

Many organizations now have cyber security insurance, and if you don’t, we highly recommend you think about it. This insurance is there to support organizations in paying the ransom fee, and/or getting an organization back up and running after the attack, whether that be implementation, re-implementation, or just restoring a backup.

When it comes to organizing paperwork for your insurance company, Professional Advantage can and has provided cost estimations and organized invoices to outline each cost.

Is your organization's cybersecurity insurance current and tailored to its needs?

Do you possess a disaster recovery plan that warrants a thorough review and discussion for optimal effectiveness?

Contemplating an upgrade to your existing disaster recovery plan?

Considering the implementation of a disaster recovery plan for the first time?

If your response is 'yes' to any of these queries, don't hesitate to connect with our managed services team. We're here to assist you in ensuring the robustness and relevance of your cybersecurity measures and disaster recovery strategies.

Want to find out more about our Managed Services Team?

Are you looking for an all-in-one solution for your staffing and recruiting company?