December 19, 2016
MSP Recovers 85,000 Files From A Ransomware Attack
California-based managed service provider (MSP),, has been providing a variety of backup and disaster recovery (BDR) services to local businesses for the past nine years. From tape backup to hybrid clouds, MTM President, Tim McCoy, has seen it all. Recently, he’s begun to see more threats to business data. A prime offender being ransomware.
For one of his clients, a property management firm, it all started with a suspicious email. The email was so well-crafted, it bypassed the firm’s email security, DNS blocking service, and anti-virus software. The user that received the email, downloaded the attached zip file and the virus started encrypting files on the local and shared resources. The damage was done. “More hackers are going out and buying anti-virus software and figuring out ways to bypass them. The only way to be safe is with a backup,” explained McCoy.
Among the shared resources infected was a folder containing 85,000 files used by the firm’s Construction division. The user that clicked the file was unaware the encryption was happening and shut his laptop down shortly after he downloaded the file. He never saw the ransom message, internal IT was not alerted, and he went home for the day.
Another colleague who was trying to access a shared file emailed McCoy saying he was having trouble opening it. McCoy knew immediately that this was a ransomware attack. He remotely looked up the Datto SIRIS device the firm was backing up their data on, and sure enough, he was correct.
To learn more about Datto helped MTM recover from the ransomware attack, check out the success story.