In a recent blog post, we warned about an hours-old ransomware named Petya.  In the past two weeks, it was discovered that Petya wasn’t ransomware at all. It was an attack aimed at Ukraine.  When the malware hit, files weren’t encrypted, but deleted entirely.  And even if the ransom was paid, there was no ability to restore them.

We’ve learned two other things as well.  First, networks are so connected that once malware is released in the wild, there’s no controlling where it goes.  In the case of Petya, the vast majority of the infections started in Ukraine, but it ultimately hit 65 counties. Companies in Italy, Israel and even Russia suffered major data losses.

Second, we learned the importance of a disaster recovery plan. A great example of this was Maersk, a global shipping powerhouse which was one of the companies most affected by Petya.  Their global network was infected, and shipping operations across the world were temporarily halted.  In a July 9th article, executives detail what the morning without an internal network was like at the APM Terminals facility in Mobile:

Every container, including those coming in via truck to be loaded onto ships, comes with a lot of data, and usually that data is handled by electronic systems. With those dead, the trucking companies had to do just as much work as APM to fill in the blanks.

“I can’t stress this enough,” Harold said, “how closely we had to work with each individual truck driver to make sure they were giving us that information.”

Among the other challenges detailed in the article included determining:

• How to contact other executives without email or the internal phone directory working
• What was placed on hold by Customs, without access to the Customs database
• How to contact customers (and the public) without being able to send email from official company email addresses

Ultimately, Maersk did a great job of getting operations running again, although they did have to close the Mobile port for a day as they put the pieces back together.  But the challenges they encountered are a great reminder of the importance of a disaster recovery plan.  If you lose computer functionality, including your email server, do you have a plan in place to keep the company operational while you restore that data?  How confident are you in your data backups?  If you lose access to your physical office, or if items in the office are damaged and destroyed, do you have a plan to keep the business operating from another location?

These are critical questions to answer, not only because malware or ransomware can affect your business, but because of natural disasters, theft or vandalism, or even fires.  If you don’t have a disaster recovery plan on paper, this is a great reminder of why it’s time to start the process of building one.

To learn more about how WingSwept can help your company manage risk and improve technology efficiency, call us at 919.779.0954 or email us at