"Unfortunately, approximately two months ago our Heritage servers were attacked by malicious software that basically ‘held us hostage for ransom’ and we were forced to pay the crooks to get the ‘key’ just to get our systems back up and running," wrote Sandra Franecke, the company’s CEO, in the letter sent to employees. She goes on to say that data recovery efforts, initially estimated at one week, have not gone according to plan and the company had failed to recover full service by Christmas.
Franecke said the company lost "hundreds of thousands of dollars" because of the incident and have been forced to "restructure different areas in the company."
A ransomware attack is going to cost downtime and losses no matter how you look at it. A usable few days (to a week old) backup that can be restored could cost less in losses versus paying the ransom or like this case not being able to restore your data at all. Questions any CEO should be asking his/her IT people are: Do we have an off line backup of all our data (so that the backups are not automatically overwritten themselves) and when did we last test that we can actually restore our backups (it should be tested twice a year if possible with evidence showing it was successfully restored and tested). Some companies may even pay an audit company to verify this on their behalf.
Failure to ask at least these two questions and be shown some evidence is tantamount to negligence from a shareholders and governance perspective.
#technology #ransomware #governance
#^Company shuts down because of ransomware, leaves 300 without jobs just before holidays | ZDNet
Company tells employees to seek new employment after suspending all operations right before Christmas.