Recently we were tasked with recovering a server from a malicious attack of malware. After the initial investigation we found that we could not just recover the files as it had got in too deep. So, we had to roll the server back to a previous image using one of our bespoke backup systems for servers.
It consists of a little blue box which takes a backup every 2 hours and is a complete image recovery system. It can also run up a virtualised version of your server in the cloud which you can connect your site to and use for up to a month whilst your server is being repaired.
In this instance we did not use this feature we just recovered the server and rebuilt all the PC’s that were affected.
Is your security strong enough?
We always advise a strong and secure password for your systems.
Password1 won’t cut it – and once a virus compromises your network that’s it. The process for the virus will be:
- What can it see and use on the network?
- Any connection to a server
- Where it can do the most damage?
- Use a brute force attack using all the usernames and passwords that are easy to crack
- SYSTEM COMPROMISED!
Once this has happened it will have gained access to your server or PC if you have a weak password and insufficient antivirus systems.
Most viruses these days come in on an email attachment or a malicious link in an email. They can seem to come from people you know. So, if you think it is suspicious then call them to check they sent it before opening or clicking on anything. Humans are the weak link.
Here at SmartThinking we are passionate about security and will be able to advise you on your systems, antivirus and backups. If the above backup had not been in place all of the company’s data would have been lost. It was a Ransomware attack and any attempt to pay the ransom would be illegal as you are then financing organised crime. In addition, paying does not guarantee you would get your data back and it could happen again.
Clive Catton MSc (Cyber Security) – by-line and other articles