"Cryptolocker blocked my pbx"

Posted by Henry Roberts on Apr 3, 2017
Henry Roberts
Find me on:

There's never too much of data security 

We’re constantly talking about the importance of data protection. We are taking attempts on educating our customers on the personal level as well as spreading the word through our blog and social media. And though we’re happy with the results of our efforts, still we have seen a couple of incidents of Cryptolocker come into our Technical Assistance Center this year.

hacker-header.jpg

Symptoms:

  • Calls going to the default auto attendant
  • Communicator stops working
  • Voicemail and workgroups are unavailable

This is because Cryptolocker zips .wav files as well as SQL server files, thus shutting down the server.

What about the backup?

The backups, if they are stored on the same server, are also being locked. The only option in this case is to build the entire system from scratch… or pay up and hope that an unlocking key will be provided.

Only backing up your data offsite would save the situation. Unfortunately, in both our cases the ShoreTel server did not have off site backups. 

Prevention

To prevent such situation from happening we recommend:

  • Check your root directory for C:\ShoreWare Backup and confirm that your backups are running. Consult with our Technical Assistance Center if something works unexpectedly.
  • Use LANtelligence’s own script for ShoreTel backups that does not interrupt services. It will protect some initial data.
  • Backup the entire system offsite in the Cloud.
  • Use Business Continuity solutions, like Datto

Tags: Business Continuity