Responding and Recovering within 24 Hours
It was 11 PM on a Friday in November of 2019. WED2B IT systems administrator Jamie Jeeves started receiving a barrage of email alerts warning that antivirus (AV) clients were crashing in the company’s central office. All prospects for a relaxing weekend vanished when Jeeves logged into the remote system to investigate the AV shutdowns.
While checking the network’s file share, Jeeves noticed they were in trouble. Mass encryption of data was underway. All WED2B website files, including text, videos, and high-res images, were being encrypted. 5 terabytes of critical NAS data had been initially encrypted, including the backups from a 3rd party system that used Azure to store backups.
Time = Money
WED2B operates as a retailer of wedding gowns, dresses, and accessories for brides and bridesmaids. With nearly 60 stores across the UK, Ireland, Belgium, and the Netherlands, WED2B feared that the attack would ruin arguably the “most important day” for countless brides.
Jeeves knew he had to act fast. In the retail business, time is money, and downtime can be paralyzing for sales. Jeeves began by shutting down all servers and devices remotely. Unfortunately, the remote software missed two machines, so he was not able to foil the attack completely.
The next morning, Jeeves began working with Rubrik’s Ransomware Response Team to start the recovery process. WED2B generates a bulk of its weekly sales on weekends. Needless to say, time was of the essence. Jeeves disconnected the network from all store locations so they could continue operating independently without impact.
Rubrik Zero Trust Data Security™
Leveraging Rubrik Zero Trust Data Security, Jeeves focused on the most critical assets first. He restored Active Directory through Rubrik in less than 30 minutes. He then moved onto SQL databases, which took only an hour to recover 1 TB+ of data. Jeeves found himself pleasantly surprised at how quickly everything came back. By early Saturday afternoon, all critical systems were back online.
There were essentially two recoveries taking place: one for data managed by Rubrik and one for Azure backups. While data on Rubrik was back up and running within 24 hours, it took weeks upon weeks to get NAS back up and running since it was not protected by Rubrik. “One of them was painless, and the other one was not,” Jeeves stated.
As a result of the successful and fast recovery, WED2B has further increased its investment in Rubrik. All WED2B data, including NAS, are now protected by Rubrik Zero Trust Data Security.
The Numbers Speak for Themselves
“With Rubrik, we experienced zero data loss, zero impact to our core business, we paid nothing at all in ransom fees, and were up and running in 24 hours, which is fantastic.” – Rob Mole, Head of IT & Solutions.
Organizations need to be prepared for when ransomware strikes. Learn more from leaders across the public and private sectors on how to develop a ransomware recovery and cyber resilience plan at the Rubrik Data Security Spotlight on-demand.