news Australian IT services firm Geek said it has helped an Adelaide accounting firm recover from a CryptoLocker malware attack in “just 15 minutes” using a US security product called Datto.
By using Datto, which can replace files from backups at high speed, the accountancy firm was able to get back up and running with minimal disruption and without any need to pay a ransom, according to Geek.
“This client, a mid-tier Adelaide accounting firm, had bought the Datto backup appliance on our advice, hoping to never need it,” Geek founder and Chairman Jon Paior said in a statement.
“However, their worst nightmare was realised when a staff member opened an AGL-branded scam email that generated a screen demanding thousands of dollars,” Paior explained. “All their files were encrypted, and totally inaccessible, including the main database. They were dead in the water. ”
CryptoLocker is a ransomware trojan targeting PCs running Microsoft Windows. When activated, it encrypts files stored on local and mounted network drives and displays a message offering to decrypt the data if a payment is made by a given deadline, otherwise it threatens to delete the encryption key.
Using the Datto appliance to restore its files, the accounting firm was back up and running within 15 minutes after the attack hit, Geek said.
The accounts later calculated that its previous backup product would have taken “at least six hours to fully restore those terabytes of data”, Geek said, adding that, with 120 employees, that period of downtime could have cost it about $150,000.
The Datto disaster recovery appliance creates and stores backup “snapshots” of a computer hard drive or network at intervals as frequent as every five minutes. It can sidestep CryptoLocker and other ransomware attacks by providing near-instant access to the stored backup. Datto handles more than a million backups a week at its nine data centres around the globe.
Jon Paior said Geek, which introduced the product to Australia, had worked with Datto to customise the its service for the local market.
“As well as a local presence, the right pricing and local data centres, we requested new features in the product that directly responded to the needs of Australian customers,” Paior said.
“These include customisable off-site replication, which means we can back up data to more flexible locations, and file-based backups, addressing the fact that customers have to pay for bandwidth in Australia,” he explained.