Case study: another time the backup wins on ransomware.

At 8.10 a.m during a hot July morning, while I was going to the office, I receive an image on whatsapp. It was a client. A really strange thing! I was in late and I cannot see well the image and after 5 seconds a message: “Alberto, what is this?”. Curious and a worried I stopped and I saw the image: the client had made a photo of the PC screen and I read “WARNING we have encrypted your files with Crypt0L0cker virus”.

It wasn’t the “goodmorning” I was waiting!



I immediately call the client to explain what it was happened (encrypted files quite impossible to decrypt) that obviously very worried asks me what we can do because also the invoice system was impossible to open. The virus had struck a part of the archive and the most part of the file systems. A disaster!

The first thing I have suggested to do is remove the network cable from the PC in order to avoid others damage caused by the virus.

Verified the extend of damage and settled Windows, thanks to the good antivirus Virit and the good technical support that has given me the list of the files damaged, I have reassured the client that all the files damaged were recovered from the backup!

The client fortunately had adopted a remote backup solution so it was sufficient to synchronize all the files from our Linux systems to the client server: recovered all, also all the files of the database.

I think that the client had the possibility to test and appreciate the backup system adopted.

1 Risposta

  1. In effetti posso confermare che l’unica nota positiva dell’avventura CryptoLocker è stata la consapevolezza di avere comunque tutti i dati – perfino quelli del gestionale – sempre disponibili e accessibili per via del back-up da remoto al quale ci affidiamo da anni. E anche il pronto intervento di Alberto, sempre disponibilissimo, ha limitato il danno notevolmente. Un grande grazie al team di FPC che sa gestire emergenze grandi e piccole, da remoto o di prima persona!

Lascia un commento