Ransomware disaster avoided
Steel stockholding and industrial supplies specialists SJ Andrew & Sons was founded in 1914 and today employs 33 staff with an average service of 17 years.
Current Director Nathan Andrew, great-grandson of the founder, has the dual responsibility of protecting the company’s legacy while also moving the business forward. Nathan recognises that IT is crucially important to the company’s growth. In order to ensure they have expert advice and support in place, they entrust their IT systems to a managed service provider
The first sign of trouble was at 3 pm on a normal trading day. MD Nathan Andrew got a call from a member of staff complaining that they could not seem to access their files, whilst dealing with this another call came in, then another… He soon realised that there was a significant problem – when he logged on, he could actually see files being encrypted as he watched.
He describes the feeling: “It was terrible. We were flooded last year – I remember opening the door to the building and water flowing out. That was awful – but this was much worse. I knew with the flood that we could clean it up – but I was really worried about how this would end.” What was clear to Nathan at this point was that they were being subjected to a Ransomware attack. What was shocking to Nathan was that he thought that they had taken good security precautions. They had moved to Office 365, they had good anti-virus and firewall protection in place. However, as they were learning the hard way – there is no silver bullet for Cyber security.
What SJ Andrew & Sons said...
Their first action was to shut down the PCs and call their service provider who quickly assessed the damage and concurred with Nathan’s diagnosis. This was a Ransomware attack. As a senior member of staff-owned the compromised PC had high-level access, contamination was widespread.
However, the service provider was no stranger to Ransomware. “With a Ransomware attack, we won’t even consider trying to “fix” or decrypt it and obviously we would never consider paying the ransom. Our response is always – Clean the system and restore from a previous back up”.
Fortunately, SJ Andrew & Sons had in place a business continuity solution, which is built on the StorageCraft Recovery Solution. In the case of SJ Andrew & Sons, as it was already late in the evening, the provider took the decision to push ahead with a full restore. So that when everyone arrived for work next morning, everything was back to normal.
While a Ransomware attack is not something any company wants to experience – for SJ Andrew & Sons this was a good outcome. Their security was tested and proved effective. It also pointed to areas that they could improve on.
It also reinforced their decision to outsource their IT to Techsol Group. On the relationship with Techsol Group, “It is very much a collaborative relationship. I am not an IT expert but I know what I need it to do for the business. I can tell Techsol Group where I want to get to and I trust them to put in place the best solution to deliver this.”