Ransomware and Sage 300 - Would your company survive the attack?


Ransomware: A form of malware that encrypts a victim’s files. A ransom is demanded to restore access to the data and instructions are given on how to pay the fee to get the decryption key.

Did you know that this type of attack has become so common in the business world today that there are ransomware recovery companies that deal with only these events? The cost of ransomware attacks was over $7.5 billion in 2019 and is estimated to grow higher than $20 billion by the end of 2020. If your company has fallen victim to one of these attacks, you are not alone.

Read on for two very different stories…. (artistic license has been taken with these events 😉)

The Relaxation Company was an organization that had grown exponentially over the past few years, opening branches in several different US states, Canadian provinces and European countries. One day the unthinkable happened. A staff member opened an email and clicked on the embedded link. Within seconds, this big warning appeared on their computer screens:

Ransomware and Sage 300 - Would your company survive the attack?

They powered down all their workstations and servers, but it was too late. All files were encrypted. And since their network spanned the US, Canada and Europe – all of their branches were affected. Business was, essentially, at a standstill. The IT department checked all the backups and they were also encrypted. Offsite backups were reviewed and found to be old and irrelevant. They immediately paid the fee and received the encryption key and started to work at restoring their files. New servers, workstations and laptops were purchased and configured. Software vendors were contacted for installations and the encrypted data restored. New security protocols were put in place and new anti-virus and anti-malware was installed. Sales people and retail outlets were recording sales on paper and manually recording credit card information to keep business running and meet all their customer commitments. It took over 4 weeks for everything to get back to ‘normal’ – which wasn’t really normal at all because the sales staff and the accounting staff had 4 weeks’ worth of sales and data to enter into the system before things truly got back to running smoothly 7 weeks after the attack.

Chill Company, Inc. was a direct competitor of The Relaxation Company. They also had branches in the US, Canada, and Europe with a network linking all the branches. The week after The Relaxation Company was struck by the ransomware, Chill Company, Inc. was also hit. An employee was browsing the internet on their lunch break and clicked on a link that downloaded the malicious software. All stations received the skull and crossbones messages shortly thereafter. The IT department went to work immediately. They brought in a new server and restored their offsite backup from the prior evening. Workstations and laptops were wiped clean and windows re-installed. During this time, employees used spare laptops and old workstations that had been stored, ready for recycling, to access the internet and continue working. There was essentially no downtime, and the office was resurrected and back up and running again in 3 days. (And they managed to steal 4 customers from their competitor while that company was not working efficiently!)

Why the difference?? Chill Company, Inc. was using preventative measures in their business to avoid down-time – for any reason.

Let’s take a look at some available preventative steps that will help you withstand a ransomware attack:

  • Sage300, SageCRM and HRMS data can be housed on a hosted server. There will be no direct link from the desktops to the hosted server, so the accounting, payroll and customer service data cannot be encrypted if your network is attacked. It will be safe. This adds an extra layer of separation (protection) between an infected network and the sales & accounting data.

This may be the biggest and most effective course of action to avoid the pain of a ransomware attack and losing your accounting and customer service data. Equation Technologies offers a Cloud Hosting Solution that will help, not only to avoid the pain of a ransomware attack, but will also ease the burden of your whole IT experience. Equation’s cloud hosting solution offers the following benefits:

  • Your own dedicated company server available 24/7
  • Server used for Sage 300 and any other software that integrates with Sage 300
  • File Storage options available
  • Full database and server backups daily, stored for 30 days
  • Database and server backups monthly, stored for 45 days
  • Offsite data and backup storage
  • Sage 300 standard upgrades included (provided Sage Business Care is current)
  • Data Centers located both in the US and Canada

Maintain complete control over your data but leave the responsibility for it to Equation! Reduce your capital cost on hardware purchases and virtually eliminate IT maintenance costs associated with your ERP system. Enjoy the peace of mind that comes with knowing your data is well secured.

Once you have this biggest initiative in place, there are some other actions that you can take.

  • Working files can be stored on a service like Dropbox or Onedrive and google sheets & google docs. Everything can be in the cloud. In the unlikely event that the infection spreads to Dropbox files, via a mapped drive, Dropbox can be relied upon to restore these files from their own backups. Additionally, files from Dropbox can be backed up on the local server as well. (I’m not advocating for any one of these services in particular, just giving examples of some available)

  • Backup your server and regularly test these backups for viability (do a test restore). Optimally, store your backups in a fire-proof safe at an off-site location. At very least, store your backup media in a place that is not connected to your network.

  • Consider Gmail, Office 365, or another cloud-based email service. Nothing is stored on a local drive; everything is accessible via an internet connection.

  • Have a Ransomware Attack Recovery Plan. Don’t keep your head in the sand. Plan for the worst and be able to recover quickly!

  • Educate your employees. Most ransomware attacks are launched by a person that clicks on something or opens something. Create human firewalls. They are the most effective in reducing risk. Use a company like KnowBe4 to help train your staff.

Don’t let your data fall into the wrong hands.

Secure your data, protect your company.

Contact Equation today

Related Articles

Need Help Now?

Request a Call