Rapid ransomware recovery requires a good backup and recovery plan.
When faced with a ransomware attack, organizations and government agencies need to have robust protocols in place to respond quickly. The importance of regular and secure backups cannot be overstated. The City of New Orleans learned this lesson firsthand during a complex and time-consuming backup and recovery process following a ransomware attack.
In the aftermath of the ransomware attack, the city was forced to take the drastic step of completely shutting down its digital infrastructure. As a result, 100 percent of city services became unavailable overnight, causing significant disruptions. The city needed to address these issues by deploying a solution that was easier to use, worked better, and could be trusted to keep data secure. To do this, the city turned to Veeam.
I met with Kim Walker LaGrue, CIO of the City of New Orleans, at the VeeamON 2023 conference in Miami to discuss how Veeam’s technology has helped the city with both backup recovery and disaster recovery. Highlights of the ZKast interview, done in conjunction with eWEEK eSPEAKS, are below.
- The New Orleans ransomware attack is a key example of how vulnerabilities can be exploited. The incident began with compromised credentials. The IT department noticed unusual activity when there were constant password resets, and remote access was detected on user workstations. It was discovered that a user had opened a malicious email, allowing an attacker to infiltrate the city’s network.
- To recover from the attack, the city cleaned and inspected its existing data, transferred it onto new storage platforms, and implemented a fresh backup strategy with Veeam at its core. This approach ensured that as data was reintroduced into production, it was not only clean and free of ransomware, but also immediately backed up through Veeam. Ensuring the cleanliness of data is a critical but often under appreciated aspect of recovery.
- The city bounced back from the ransomware attack in just about a month. But the real game-changer moment came a year and a half later when New Orleans had to deal with a major disaster. A hurricane caused the city’s main data center to be destroyed by a fire. The city had to rely completely on secondary storage and its backups. This time, New Orleans restored its entire environment and got the backups online in the secondary data center within 48 hours.
- Before turning to Veeam, the City of New Orleans was dealing with fragmented backup solutions deployed across different parts of its IT environment. The backup solutions weren’t efficient enough to ensure fast recovery, which is crucial in the event of a data breach or a natural disaster. The city wanted a solution to consolidate the backup processes for all these disparate systems into one location.
- The city chose Veeam due to several key factors: simplicity, responsiveness, user-friendly interface, and immutable backups—an especially useful feature where backups cannot be modified or deleted after they are stored. Overall, Veeam’s solution acted like a security blanket over the city’s infrastructure as it was being rebuilt. This gave the team confidence during a potentially stressful period.
- Operationally, moving to Veeam has provided the city’s data center team with flexibility and automation regarding data recovery. The team can now easily identify and restore specific elements, whether an individual file or a set of servers, from a single interface that Veeam offers.
- For other organizations dealing with ransomware, the best approach is to prioritize and categorize data because it holds the most value. So organizations can truly understand the nature of the information in their environment. This puts technology solutions in the best possible position to recover, eliminating the need for organizations to negotiate with threat actors or pay a ransom.
