Welcome to Part 2 of Data Protection and Recovery – When cheap is expensive

Barry: I’m about to lose everything, aren’t I? 

Me: Maybe.

Barry: This would be data recovery, right? 

Me: At this point, yes, it would be. 

Barry: Data recovery is expensive. 

Me: It can be.  It depends on many things. 

Barry: So .. how do I fix this? 

Me: Well, there are a couple of ways.  First, you can try paying the ransom on a single system.  IF and it can be a BIG if they send back the correct key and you can decrypt the system, then there is a chance they will make a deal for you to get the keys to unlock all the systems. 

Second, pay to unlock one system and maybe be able to get to those backup files you mentioned.  Hopefully, because they are also encrypted and broken up, they can be reassembled and restore your data on other systems. 

Third, we dig into the systems and try to find a single one that might not be fully locked down and maybe get lucky enough to find what we need to recover with the backups. 

Barry: OK.  I like option three.  How long will that take you to do? 

Me: I am not sure, Barry. I don’t know which ransom it is. I have not seen your machines to figure that out, yet. There are many.  Some have been broken, already and have tools to unlock, without paying the ransom. 

Barry: So … you can’t quote me what it’s going to cost me? 

Me: Can you quote me how much it will cost to make a shock absorber for a new bridge? Blind? 

Barry: well, no.  I need to know the founda … OK.  I get it.  Too many unknowns.  You need the survey and the plans for the bridge, right? 

Me: Yes. Exactly.  

Barry: When can you get here? 

Me: Where is ‘here’? 

Barry: Springfield, Missouri. 

Me: That’s about a 7 hour drive, Barry.   

Barry: Oh.  That’s a long way for a service call. 

Me: That depends.  Would you consider it a long drive for the heart surgeon if he was the one you needed? 

Barry: That’s not the same. 

Me: A person’s heart is important.  And the computers and data are the heart of your business.  How many of your staff need their job?  You need a heart surgeon level experienced person to try to bring your network back from the edge of death. 

Barry: Do you accept Medicare? <weak laugh> 

Me: That’s a good one.  I like it. 

Barry: I can’t afford to bring you out here for this. 

Me: Stop and think a moment.   What do you believe this should cost you to get your business back? 

Barry: If I have to pay for each machine to be unlocked, that’s $40k.  Plus what I have to pay someone like you to do it.  And I know, I charge $5k for a one day survey for a building site.  So … $50k with expenses, overage and such. 

Me: OK. That is the 2nd most expensive option.  AND that depends upon them having any ethics and morals to provide valid keys.   

Barry: Yeah. The most expensive is to lose everything.  Are you willing to travel, right now? 

Me: I can’t get there, tonight, Barry.  I will need to rent a car.  Enterprise does not open until 9AM.  And I would be out expenses, just to get there.   Airfare would be about $400 for round trip. From what I am seeing online.  And not a one of those would have me in your place before noon, tomorrow.  5 hours of flight time or about 7 hours drive time.  

Barry: What can I do?  I need this fixed!  Quickly! 

Me: I know a guy in Tulsa.  Can YOU hold for me to call him?   

Barry; Can you just call me back? 

Me: Sure.  Give me 30 minutes.  Either I will call you back, or my colleague, Paul, will be calling you. 

Barry: Thanks. 

I call Paul.  Explain the situation.  He’s not interested.  The risks of Covid-19 are more than he is willing to risk, with his already compromised health.  We discuss the situation, trying to find an answer for Barry.  At 25 minutes, we disconnect, and I call Barry back. 

Me: Hello, Barry. This is Daniel from Indy’s I.T. Department. 

Barry: My son and his little friends are all here.  They say they can fix it.  One of them found a way to unlock all ransomware.  It’s like a golden key or something.  And it’s only a grand.  I think we will try that.  Can I call you, later, if I need to?  You’ve been such a help and I really appreciate you taking the time to explain it to me. 

Me: Barry, do you feel you can trust me? 

Barry: Yeah, I think I can. 

Me: OK.  Then please, PLEASE listen to me on this.  Use me to fix your situation or use another PROFESSIONAL.  But DO NOT allow your kid or his friends to try to fix your computers.  That is what put you in this situation in the first place.  Please, DO NOT do that.  There is no magic key for all ransomware.  That’s like saying there is a magic key to start all cars. Do not do it. 

Barry: Thanks.  But I have to try this way, first.  I’ve got them ready to start on the most important system, first.  The accounting system.  It has the least number of drawings and such on it. 

Me: NO!  Barry do NOT use the accounting system as test for them.  Use the receptionists system, but NOT the accounting system.  You will spend years getting your data entered back in, if I am right about their magic key.  Test it on a system that has the LEAST VALUE to your business first.  Just in case it breaks and makes things worse. 

Barry: Oh.  I see what you mean.  Yeah.  Let me stop them before … Anyway.  Thanks for the time.  I may be calling you, later.  Bye. 

About an hour later …  

Ring! Ring! 

Me: Hello, Barry?  How did it go? 

Barry: I’m screwed.  They tried it on 5 computers.  It formatted each one.  It’s gone.  All of the data.  It looked like it was running, but it was just formatting the drives, one of the kids said. 

Me: Barry, I’m sorry to hear that.   

Barry: Yeah, So, I did like you told me to try. I paid the ransom for one system.  An automated message came back in a few minutes with a key and tool to unlock the systems.  It did not work.  On any of the systems, even though we gave them the key code for the one machine.  The kids chipped in and bought some kind on online coin to buy the key to unlock the systems.  Can you come out, tomorrow?  Not your friend.  YOU. 

Me: I can.  But to be honest with you, I will need $1000.00 up front.  I have to have funds to get there. This shutdown from this virus is really impacting everyone’s cash flow.  I can’t drive out, etc, and risk paying my bills with the unexpected expenses of an emergency service call. And the only promise or guarantee I can give you is that I will do my very best to help you get back your data.  ALSO, within 48 hours of leaving your location, you will receive a plan on how I can help protect your network, your data, and your business.  That means servers, firewalls, support services, maintenance.  The services of an IT department you can rely on to keep you running. 

Barry: Do you think any of this stimulus money will be available to pay for this? 

Me: I don’t know, Barry.   

Barry: OK. I will call you, in the morning.  I want to sleep on this, before I make any decisions.  And I sent my son to stay with my mom, for a few days.  It’s probably better I not see him.  Or his little friends, for a while. 

Me: That is probably a very good idea.   

Barry: Good night, Dan.   Thanks for all your help. 

Me: Good night, Barry.  I look forward to talking with you, in the morning.  And look for a positive to come from all this. 

Barry: Like what?  I’m about to lose everything I ever worked for. 

Me: Have you ever drawn up a design for something that just would not work?  Maybe because you were starting with something else to make it easier for you? 

Barry: Yeah.  Yeah, I have. But how does that apply to this? 

Me: Your computers and network … they have been added when needed, right?  No real plan.  When one crashed, you fixed it?  Or replaced it? New hire, you ordered a new system and put it on a desk? 

Barry: Yeah … We just kind of did what we needed, as we grew. 

Me: Well, this will give you a chance to throw away the old idea that worked before, but not on the new project.  We will do all we can to get your data back.  Then we will design and build your network.  Take this opportunity to take it all apart and put it back together, again, better. With organization, real backups, etc.   

Barry: OK.  Yeah. I like that.  Phoenix, right?  From the ashes? 

Me: Yes.  Don’t let this tear you down.  Instead, use it to build up, again. Clean, lean, and more flexible to changes.  And with contractor and work from home support built in. 

Barry: Yes.  I like that.  But … it sounds expensive.  One of my son’s friends.  I think he’s the oldest of them.  He told me about a server system called Linux, I think?  Can that help?  He said it was free and most of the internet ran on it and it was protected against ransomware? 

Me: Yes, Linux is a good tool, but it’s no cheap and free magic key.  Let’s talk about that, after I get out there and see what you have going on. 

Barry: OK.  Sounds good. I will call you about 8, tomorrow morning.  Or is that too early? 

Me: 8, tomorrow morning will be fine.  You are an hour behind, so it won’t be too early for me. 

Barry: OK.   Thanks.  Good night. 

Me: Good night, Barry.  I look forward to your call in the morning. 

Lesson Learned

Even when we do our best, and our family has their best intentions in mind, it is still always better to bring in the professionals when it comes to the heart of your business. Nearly every business is a technology business now because we all rely so much on our computer systems – even the handheld ones in our hands. The COVID-19 pandemic showed us what was possible with work from home potential; it also sunk a lot of small businesses that weren’t able to pivot to the IT demands the shut down caused. 

Indy’s IT Department and CYAMS offer managed services that help businesses use the work from home model to its fullest potential in a secure and protected manner. Managed services is the insurance policy you didn’t know you needed.

– Shawna