[Case Study] How Local Attorneys Survived a Vicious Ransomware Attack

Ransomware attacks often seem to happen out of nowhere—that’s  how it all started for the legal office of Schuchat, Cook & Werner. An associate attorney was simply opening documents and emails saved onto a USB drive, when one of the files released a ransomware attack into the company’s computer system.

Ransomware can be disastrous for any business, blocking its access to data or entire computer systems and demanding a ransom in exchange for renewed access to private files. In a situation like this, a quick response is necessary—especially because paying the ransom is never the right approach. Although businesses might be tempted to pay the demanded ransom in exchange for the return of their information, this is never recommended. In many cases, hackers who receive the ransom they demand merely delete the seized files anyway. 

Fortunately, leadership at Schuchat, Cook & Werner had a plan in place to respond to this attack. They contacted their managed IT provider, SumnerOne, within minutes of the attack’s start to determine the problem and initiate a remediation plan. 

Despite the ransomware’s seizure of more than 600,000 files, SumnerOne was able to lead a recovery process that returned the law office to normal operations within the day. The full details of this success story can be found in our latest SumnerOne case study.

How to Respond to a Ransomware Attack

When a ransomware attack strikes, speed is crucial to the success of any recovery plan. The slower you are to identify an attack and initiate the recovery process, the worse your potential losses from this attack may be.

The first step is shutting down your company’s application server. This stops the ransomware from spreading any further throughout your system. It’s recommended that businesses have a business continuity and disaster recovery solution that can reinstate your application server and start the process of recovering the files and data lost in the attack.

4 Takeaways to Consider for Your Own Business

Worried about ransomware attacking your company? Here are four things to keep in mind.

1. Every business needs a response plan in place. Whether or not you pay for a managed IT service, you need an action plan that will jump-start recovery efforts and help you bring your systems and files back online. If you don’t have the in-house personnel to manage this process, a managed IT service is the best way to bring those capabilities to your business.
2. It’s important to schedule regular cloud-based backups of your data. Schuchat, Cook & Werner uses a hybrid backup system that creates new backups on local servers every hour. These backups are then followed by a daily backup to a remote cloud-based server.
3. Employee training can reduce ransomware risks, but it isn’t foolproof. In the Schuchat, Cook & Werner example, an employee error created the vulnerability that led to the security breach. Though it’s possible that better malware training could have prevented this breach from occurring in the first place, the reality is that malware is designed to sneak past the watchful eye of employees.
   
   Training is always worth the investment. It will help reduce the frequency of malware attacks suffered by your organization. But training alone can never eliminate this threat entirely. 
4. Always place the cost of managed IT within the context of the cost of ransomware and other attacks. Businesses are often tempted to skimp on IT security as a way of reducing overall business expenses. But ransomware attacks are far too common in today’s world, and the potential material losses of a single attack are significant—enough to cause a company’s collapse, in some cases.

Reaping the Benefits of Managed IT

Most companies depend on technology and the internet to conduct their day-to-day work. But that doesn’t make them experts when it comes to cybersecurity. And given that one in five SMBs have been hit with a ransomware attack, it’s fair to treat these cyberthreats as inevitable. 

When security issues like ransomware arise, even tech-savvy organizations quickly find themselves outside of their area of expertise, scrambling to mitigate their losses against a threat they don’t fully understand. A managed IT provider is often your best resource in this situation. 

Schuchat, Cook & Werner is an office of attorneys, but when a ransomware attack occurred, they immediately had the support of a managed IT provider that could mitigate the fallout and help the firm recover. In a crisis situation, experienced partners can be a priceless asset.

To learn more about how SumnerOne helped Schuchat, Cook & Werner survive a ransomware attack and restore its business operations, download our Schuchat, Cook & Werner Case Study today.