Security and Encryption Malware

Despite one’s best intent, systems can be infected by viruses, hacked, or crashed for various reasons and through various sources. Having good security programs and redundant data/program backup functions in place should be considered a must-have. However, even with these policies and procedures in place, sometimes things can go very wrong.

As a recent example:

A company’s application server was infected with a file encryption ransomware program during the middle of the day. Most of the operating system and various programs were encrypted.

A repair installation attempt was unsuccessful in correcting the issues, and ultimately, recovery required pulling selected programs and data from multiple backups. Because the backups were incomplete, this created a number of residual issues related to some operating system files/features and selected programs.

This infection was later determined to be the result of all of the following:

  • Failure to restart the server after an anti-virus software update.
  • Open RDP Internet ports on the server’s firewall.
  • An unpatched, known security flaw on the application server that left it vulnerable to remote brute-force connection attempts.

In this particular case, the saving grace was…

Their core application software programs and data on at least some of the redundant backups were undamaged by the encryption malware infection.

The end result here was that a recovery project that could have taken weeks or months of work to complete, or that could have resulted in massive irreversible data loss, ended up causing only several days of disruption and only a couple of days’ worth of data loss.

While all of this might seem like a no-brainer to some, a focused plan that has built-in redundancy should be considered a must for any business.

If you would like a review of your current system for security and/or backup integrity, please contact CCS Retail Systems Support Department to schedule your System Security and Recovery evaluation.

– John
