Drilling Company Survives a CryptoLocker Attack

Dec 23, 2013

Article was first posted on baselinemag.com, December 23, 2013

LEAM Drilling Systems’ backup and disaster recovery system defeated CryptoLocker and did not have to pay the ransom required to restore encrypted files.

LEAM Drilling Systems is a directional drilling company based in New Iberia, La., with eight additional offices throughout the United States, and approximately 850 employees. We plan wells and implement directional and horizontal drilling programs.

Throughout any assignment, constant communication has to be maintained between our management teams, customers and field supervisors. Up to 100 remote users log on to the main network at any given time to access company files. Our network currently has 700 gigabytes of data and uses Dell’s PowerConnect switches and SonicWall NSA firewalls.

Given the nature of our business, the necessity of maintaining good communication in the field and the value of the data on our network, downtime is not an option. Paul Hite, CTO at InfoTech, our managed service provider, warned us about the CryptoLocker ransom Trojan, but it entered our network through a malicious email attachment.

Our spam filter initially caught the email, but because the infected message was so well designed, one of our users thought it was an important business-related message and released it from the spam filter. Once CryptoLocker found its way into our network, it started encrypting files. We never saw the red screen that most people see when CryptoLocker hits them. Rather, we noticed odd behavior on the server, such as corrupt files. We used monitoring tools to isolate the infected computer before the virus was able to encrypt all the files on our network.

Fortunately, less than one month before we were hit, InfoTech had installed a new backup, disaster recovery and business continuity solution called Datto Siris on our system.

Read the full article at: http://www.baselinemag.com/security/drilling-company-survives-a-cryptolocker-attack.html
