Once the files were restored a Postmortem meeting was called. We concluded that more restrictions would be placed, banning USB storage devices and personal emails. Also, next year we will be looking into a new Enterprise Antivirus solution and more space will be provided for data backups.
Sunday, 15 November 2015
Week #11: CryptoWall Struck My Job's File Server (Part 3) !
The CrytoWall has been officially removed from our servers! Unfortunately, all backups failed which left the company having to revert to outdated files which is technically, three months old. How we manage to retrieve such data? While that's a long funny story, we had an old decommission server blade that was supposed to be wiped and refurbished three months ago still laying around the server room. Lady luck was on our side because it was the old File Storage server.
Sunday, 8 November 2015
Week #10: CryptoWall Struck My Job's File Server (Part 2) !
Not much as been done with regards to recovering data. We just happen to be extremely lucky that a backup of some of the most vital data was stored on an inactive server. The CrytoWall virus seems to have spread throughout the network. I firmly believe that it was on the network for a very long time, and it was undetected by our antivirus software. This week we have taken some high-risk computers of the network until we find a solution to this vexing problem.
Subscribe to:
Posts (Atom)