Waste Management Company Recovers from Ransomware Attack and Migrates to Microsoft Azure

With sophisticated malicious actors worldwide, ransomware attacks occur every 11 seconds. Learn what you can do to prevent these attacks.

Table of Content

    With increasingly sophisticated malicious actors worldwide, ransomware attacks occur every 11 seconds. A waste management company providing industrial services, transportation and equipment, treatment and disposal services was one such victim. With around 150 employees, the company was running all its business systems on-premises including Microsoft Office, Microsoft Dynamics SL, and a CRM solution. Their Dynamics SL solution was very customized to fit their needs and utilized a number of third-party, ISV solutions that integrate directly with SL and provide specific functionality that isn’t available out of the box.

    Red Flag: An email from a Hotmail Account

    Velosio, the company’s Dynamics SL partner, first learned of the ransomware attack when an employee emailed their Velosio Customer Account Manager from a personal Hotmail account. They said their systems were down, and they were locked out of everything. Velosio immediately hopped on a call with key managers to provide guidance and offer recommendations.

    Velosio soon learned that the client’s backups were encrypted and unavailable as well. They had security set up at the systems gateway and end user protection, but it was no match for the cybercriminals. Running older versions of an on-premises server operating system left them with security vulnerabilities, and they assume the ransomware got in through a user account but were not able to confirm it.

    Seeing no other path forward, the company paid the cybercriminals to get their data and systems back. While waiting for the criminals to return their data, Velosio upgraded Dynamics SL to the latest version hosted on Microsoft Azure to get them fully operational and protected in the shortest amount of time. Velosio worked quickly and within 24 hours prepared Azure servers to host the database after it was returned to the company.

    Finally, the data was returned, including 95% of its Dynamics SL data. A Velosio Dynamics SL consultant worked to restore the data and migrate it to Azure. It was a complicated process because of customizations and custom reports. Velosio was able to restore program files from the old system and Papersave jumped in to help restore their integrated ISV solution for the customer as well.

    Lessons Learned: The Company Migrates to Azure

    All told, the waste management company was down for 2.5 weeks with no access to technology, systems, or standard processes. During this time, they had to execute everything with pen and paper. The ransom fee, consulting hours, and loss of business accumulated to a large price tag.

    Once the system was back up and running, workers had to spend time manually entering all transactions and data collected by hand over the two and a half weeks their systems were down. The company also had to spend time dealing with the insurance company to try to recover some of the ransom payout. Employee stress levels were at an all-time high. The company learned that when it comes to security, it’s better to be proactive by remaining on the most recent version of their systems and relying on migrating to Azure to host systems. Microsoft Azure provides confidentiality, integrity, and availability of customer data, while also enabling transparent accountability. The client is now confident in Azure’s trustworthy foundation upon which they can meet security requirements.

    I would like to express my extreme gratitude for the effort that the entire team at Velosio put in to get our company back online, the effort that was put forth was extremely professional. – Waste Management Team Leader