Nick Pitre, Director of IT at South Louisiana Community College (SLCC) had a funny feeling something was brewing. The Ryuk ransomware variant had been making its rounds at colleges and universities, so he knew it would not be long before SLCC was also targeted.
Sadly, he was right. “I noticed odd behavior when my team was not able to log in. Our servers were being encrypted,” Pitre recalled. The infiltration occurred by way of an administrator loading new software onto a forgotten Windows 7 desktop collecting dust in a closet. Without proper security measures, the admin’s credentials were captured, and the ransomware immediately activated and began, spreading to a handful of servers.
But when the attack hit, Pitre was ready—so ready that the hackers never even had the opportunity to deliver a ransom demand. As soon as the ransomware started encrypting files, Pitre’s team quickly responded by recovering data from backups stored in Rubrik and preventing any damage from taking place
Each recovery took five to 10 minutes. In two hours, the situation was 100% contained, which I was pleasantly impressed by.
Ransomware attack initiated through a forgotten desktop
Hundreds of servers and virtual machines encrypted
Infected servers attempting to attack other servers
Zero data lost
$0 paid in ransom
100% recovery within 2 hours
PREPAREDNESS PAYS OFF
The reason SLCC was able to avert disaster came down to preparedness. The school received a suggestion from the State of Louisiana to turn off backups because previous attacks had compromised backups, but Pitre overruled, “We’re not doing that. I trust Rubrik’s immutability.” Turns out it was the right move. Rubrik thwarted the ransomware from doing any damage at all.
“Each recovery took five to 10 minutes. In two hours, the situation was 100% contained, which I was pleasantly impressed by,” said Pitre.
Where the ransomware was able to infiltrate the network’s defenses, Rubrik’s Live Mount point-in-time recovery helped identify the risk of reinfection if wrong snapshots were used for recovery
RUBRIK RECOVERED SLCC IN TWO HOURS
This breach could have led to loss of learning coursework, financial and student records. “Without Rubrik backups, recovery could have taken weeks, which is exactly what happened to another college in Louisiana.” Pitre remarked, “They were completely out of luck and had to spend a few weeks recovering.”
Using Rubrik, Pitre said, “There was no data loss. Thanks to Rubrik’s immutable backups, this breach was simply an inconvenience for the two hours that we were rebooting backups.”
“I told everyone within our college system that Rubrik saved us big time. They were all evaluating other backup vendors, which resulted in five different community colleges within Louisiana trusting Rubrik to increase their security and protection against cyber threats.”
“Since the ransomware incident, we have doubled down on Rubrik, purchasing a second set in another data center to ensure every server we are backing up is being backed up in two locations.”
Without Rubrik backups, recovery could have taken weeks, which is exactly what happened to another college in Louisiana, they were completely out of luck and had to spend a few weeks recovering.
Zero data lost
$0 paid in ransom
Ease of use
Ready to get started?
Get a personalized demo of the Rubrik Zero Trust Data Security platform from one of our technical solution experts.