Ransomware is now one of the most significant cybersecurity risks faced by organizations. The attack techniques and commercialization of ransomware have become increasingly sophisticated. According to a report by 'HONGKONG BUSINESS', Hong Kong companies experience over 750,000 ransomware attacks every month. This makes businesses of all industries and sizes potential targets for cybercriminals.

Recently, a company fell victim to ransomware and was demanded to pay a ransom of 10 bitcoins (1 bitcoin ≈ $25,000). To test the ransomware group's ability to unlock the infected files, the company initially paid 3 bitcoins as a demonstration. However, when they were ready to pay the remaining 7 bitcoins, the attackers demanded an additional 10 bitcoins to restore the data. Aston, CypressTel's Sales Manager, advised that in most cases, data cannot be recovered, and it is recommended not to pay the ransom.

In this webinar, CypressTel partnered with data management expert Veeam and invited our customer - MTS to share their experience of a ransomware attack and CypressTel's rapid recovery solution.

MTS is a service provider that offers quality inspection services to global manufacturing users. They have over 1,000 employees in laboratories located in Hong Kong, Mainland China, and branch offices in the United States and Europe. MTS had already implemented firewalls, antivirus software, and data backup software on their IT equipment.

In mid-September of this year, MTS became a victim of ransomware. The company discovered file name changes while searching for files, indicating a ransomware attack that paralyzed their operations and demanded ransom. MTS attempted to recover their systems independently but was unsuccessful. Finally, MTS contacted CypressTel's Cloud Division for assistance.

CypressTel has developed a Rapid Recovery Solution for MTS that includes the following steps:

1. Break the link in the chain of infected hosts to stop the spread of the virus.

2. Isolate and remove infected IT devices while enhancing the overall security of the IT environment.

3. Restore or reinstall local IT device application services.

4. Recover MTS's core applications quickly by using Veeam V11's ransomware immunity feature and the data backed up by MTS through CypressTel Veeam to the GCP disaster recovery site.

5. Establish a new backup solution using Veeam that is based on the strengthened IT environment.

It is essential for enterprises to prepare their IT infrastructure and equipment before any disaster strikes. Having comprehensive backup and recovery plans in place is crucial. In case of a disaster, using pre-established disaster backup and recovery plans and timely response from the enterprise's ICT service provider ensures the security, reliability, and continuous operation of the company's IT systems.

CypressTel has a team of experienced professionals who provide ransomware prevention measures and disaster backup and recovery services. Their passionate service attitude, strong technical capabilities, and 24/7 timely response to customers make them a reliable choice for such services.

According to Gary Yeung, MTS's Global Program Manager, CypressTel's team quickly restored MTS's core business functions to normal after a disaster. Gary Yeung also praised CypressTel for migrating their production servers to Google Cloud, which had minimal impact on their operations.