"Ransomware shut down our company for almost a week"

"As an IT manager in a large company, it’s always quite a shock when panicked phone calls start to pour in. Users found they could no longer access their files and the CEO wanted to know why the company had ‘ground to a halt’. A quick check showed that all the data on our company servers had been encrypted by ransomware: software that blocks a computer or server until a ransom is paid."

Where did the ransomware come from?

"Someone had received a contaminated document via email and opened it on their laptop or smartphone. The ransomware in that document infected our systems. Not a single file on the servers could be opened, bringing our company to a complete administrative stop."

How great was the damage?

"It’s difficult to say, but it was a horrible week. We contacted an outside firm to clean up the affected systems. Then the backups were restored. Unfortunately, not all of the backups were intact. It took nearly a week before all of our servers were operational again. All this time the ransomware prevented us from getting any computer work done. The services of the external firm cost us €100,000 but the direct and indirect damage caused by one week of inactivity were much worse."

Could you have prevented this?

"Yes, I have to admit that we could probably have avoided the ransomware contamination by placing more emphasis on prevention and encouraging better security awareness. We should have reminded our users that files from outside the company could constitute a risk. We also should have urged them to always verify the source of any files they receive. And reminded them, when opening documents, never to activate macros under any circumstances. Good security always starts with greater awareness of the dangers."

So you launched an awareness campaign with individual risk profiles?

"We contacted Orange in search of solutions for preventing further ransomware contamination. Orange advised us to mount an anti-phishing campaign, informing our users of the risks. In addition, they implemented a centralized solution that conducts web-based surveys. We can now gauge how well our users know the potential dangers of malware. It automatically assigns a risk profile to the users too. As such, our awareness campaigns focus on whoever constitutes the greatest risk. You’re looking at a very happy IT manager."

Advanced security solutions

Of course, as well as raising awareness, immunity to malware requires concrete security solutions. Orange offers several, including a malware cleaner with a virus scanner for USB sticks. Orange recommends using a cloud application to protect email from malware and spam before emails are even delivered. In addition, advanced virus scanners can be installed on PCs, as well as next-generation firewalls that monitor network traffic between different zones of the network for potential threats.

Orange also offers several security solutions for mobile devices. For example: Mobile Threat Protection (MTP), an easy-to-use cloud solution that protects your devices and data from all known and unknown risks, 24/7. On top of this, Orange has equipped all Shape tariff plans with Lookout Premium, a smartphone security app. It’s been made available free of charge.