Police Department Shoots Down Ransomware

The recent barrage of ransomware attacks on businesses and government agencies is increasingly alarming. Over the past couple of years, several prominent organizations have been cut off from their data and forced to pay significant sums to unencrypt it. Unfortunately, the problem appears to be getting worse.

One organization that’s taking aim at the problem is the Barnstable Police Department in Massachusetts. The agency, which serves the 50,000-plus citizens in the Cape Cod community with about 130 officers and employees, has migrated to a more robust data backup system.

“Everyone is concerned about infections, and no entity is impervious to attacks,” states Craig Hurwitz, IT director for the Barnstable Police Department. “The best defense against ransomware is a solid set of backups that render an attack useless.”

In the past, the police department relied on a basic storage appliance with a backup agent. “The previous device was originally intended to expand storage space as data requirements grew,” Hurwitz recalls. The system essentially backed up all data, but it didn’t provide necessary visibility and controls. It also lacked clear recovery point objectives (RPOs) and recovery time objectives (RTOs).

As a result, finding specific data or rolling back a system to a specific time was next to impossible. “We had very limited feature sets and capabilities,” he says.

Improve Recovery Times, Speed Processes, Simplify Access

That’s no longer the case. In May 2015, the Barnstable Police Department turned to Reduxio’s HX550 storage systems with BackDating to improve recovery times, speed processes and simplify access to important applications for patrol officers and staff.

The Reduxio device serves as the primary storage solution for hundreds of virtual application servers and desktops, which were migrated from legacy systems. Hurwitz says that the BackDating feature offers one-second recovery intervals, allowing the police department to restore its data to the exact moment before a breach.

In fact, a subsequent ransomware attack was rendered useless. After data inside systems began to appear in an encrypted state, the IT staff was able to shut things down and revert to a validated backup set. A full restore process took only about 30 minutes, and the police department was able to avoid paying the ransom.

Hurwitz says the system also provides other advantages. “If someone accidentally deletes a file or a database, we can find the clone and reinstall it,” he explains. “The technology offers a great deal of flexibility. We are able to restore entire volumes or go as granular as a single file.”

Moreover, Hurwitz says that the network-attached storage device is simple to manage and use. “There are no command lines and esoteric instructions to enter,” he points out.

What’s more, the transition from the old system to the new was seamless. “We just plugged in the new system, set up the parameters and began using it,” Hurwitz says. ”Once we had a backup set, we unplugged the old device. It was a seamless transition.”