February 01, 2016
Cryptolocker holds a UK council hostage for £1 million
During 2015, Cryptolocker has had a field day, taking everyone from Agricultural Feed manufacturers to hairdressers hostage. Cryptolocker statistics vary wildy, but according to ZDNet, it’s estimated that the malicious virus earnt the bad guys a staggering $27 million (nearly £19 million) in just three days in 2013.
The IT systems of a County Council in the United Kingdom is under Cryptolocker’s stranglehold this morning, as the cyber-criminals behind viruses like this search for bigger prey. The BBC reports that Lincolnshire County Council has had demands of over £1 million.
This must be unnerving news for the residents of Lincolnshire, who rely on their Council for vital services like education, transport, fire and public safety, social care, and waste management. Whilst the files are in Cryptolocker’s grasp, Lincolnshire’s workforce are left making do with pen and paper.
How does Cryptolocker manifest?
Cryptolocker can infiltrate your systems in a number of ways, including emails, web downloads and malicious links. What all these factors have in common is the degree of human error. Even the most savvy computer user can have a temporary lapse in judgement, leading them to click on a scam they’d normally see straight through. That’s why it’s so important to have a Business Continuity plan in place.
The scale of the problem
According to the BBC, the ‘Chief information officer Judith Hetherington-Smith said only a small number of files were affected’. The BBC also reports that the ‘authority said it was working with its computer security provider [who has not been named] to apply a fix to its systems.’
Although Lincolnshire council has backups, it is not confirmed whether they have a Business Continuity solution in place, so recovering this data could take days, or even weeks. Lincolnshire is “hopeful” most systems will be back working early next week - not exactly a reassuring ETA for its residents, staff and businesses.
Downtime can cost businesses over £100,000 an hour (according to the Aberdeen Group), depending on the size of their workforce. Not an expense a cash-strapped council can afford!
Recover in Just 6 Seconds
However, with a Datto solution in place, the Managed Service Provider (MSP) which operates it and maintains it, would have been able to recover business-critical data in moments.
The MSP would have been able to use Datto’s proprietary Instant Virtualisation technology to launch a virtual system in as little as six seconds, allowing staff to resume essential work. Then, Datto’s newly rebuilt Bare Metal Restore (BMR) process would be able to recover the data from the on-site appliance on to a new server.
The local Datto device can act as a restore hub for everything from files to application and system fail over, it can also act as a staging environment for off-site transfer. Scheduling off-site data transfers can be critical for bandwidth management and carries no risk of having unsaved backups. Should the local device be compromised, data that was transferred to the Cloud can act as a replica site for the business. A local only backup option cannot ensure data integrity should a site wide disaster occur.
In addition, Lincolnshire County Council haven’t confirmed the integrity of their backups. Without Screenshot Verification, you run the risk of backups with boot-ability issues due to corrupted backup chains.
For more information on how Datto can rescue data in a disaster, read our case study about Datto Defies Ransomware for Harbro Ltd, an Aberdeenshire feed manufacturers.