Databack - Récupération de données
Request a quote
THE BLOG

Databack success stories: remote recovery following a ransomware attack

Cybersecurity has become a key priority for businesses worldwide. Ransomware attacks represent a growing threat, disrupting operations and jeopardizing business continuity. Recently, DATABACK was called in to intervene in a ransomware attack at the Australian subsidiary of a French group, demonstrating the effectiveness and speed of our remote data recovery solution.

data recovery cyber attack australia

Case study: full encryption at an Australian subsidiary

The Australian subsidiary of a French group suffered a complete encryption of its information system, affecting both production and backups. This situation paralyzed the subsidiary’s sales and after-sales service, at a time of intense activity. Although the group had put in place a Business Continuity Plan (BCP) and a Disaster Recovery Plan (DRP) to identify local partners capable of responding to security incidents, the local service provider was unable to restore the encrypted data.

Faced with this impasse, the group decided to call on its French service provider, DATABACK, to find a rapid recovery solution. A crisis unit was set up, contacting us to assess the damage and determine the available solutions. Coordination with the onsite CERT and the customer was essential for effective management of the situation.

Deploying remote recovery solutions

Our initial findings revealed complete encryption of the VEEAM servers and backup files. The distance and time difference necessitated an urgent service response (HNO) using our proprietary remotely deployable tools. This approach considerably reduced the response time, enabling rapid analysis of the encrypted files without the need for hardware shipment.

We immediately activated our on-call service to assess the feasibility of remote data recovery. In less than 24 hours, we provided the group with a full diagnosis and assessment of recovery options. Our solution was to deploy remote recovery tools, enabling access to the affected servers and the analysis of encrypted files without the need for physical transfer of hardware.

Using our proprietary tools, we were able to bypass the data encryption and begin recovery. Working closely with on-site teams and CERT, we were able to access VEEAM backups and production servers. Our advanced recovery technology enabled us to intervene on the data and restore it on secure servers.

Thanks to our rapid intervention, the Australian subsidiary was able to recover all its critical data in just 72 hours. This rapid turnaround enabled the company to resume operations without incurring significant losses, even during a period of intense activity. The success of this operation demonstrated the effectiveness of our remote recovery solution, capable of handling complex and critical situations.

New international partnerships and remote support

Building on this successful experience, DATABACK has established partnerships with incident response providers in several countries. This initiative aims to offer and deploy our innovative remote data recovery solution on a global scale.

Since this intervention, three other foreign companies have already benefited from our remote data recovery services, reinforcing our ability to help businesses recover quickly from ransomware attacks.

This success story illustrates our commitment and expertise in cybersecurity. DATABACK can respond quickly and efficiently, wherever you are. Our team is ready to provide immediate support to ensure the protection and restoration of your critical data.

12 June 2024
Back to blog

list of latest articles

KEEP IN TOUCH

SUBSCRIBE TO OUR NEWSLETTER

By entering your email address, you agree to receive the Databack newsletter. You can unsubscribe at any time by clicking on the unsubscribe link at the bottom of the content. You can consult our privacy policy to find out more.
Databack Linkedin