IT disasters – a 24/7 Supermarket with multiple virus infections.

A real account of a recent incident experienced by a 24/7 Supermarket known to us in Perth, Western Australia (January 2017) with multiple virus infections.

The IT Guys manage and monitor the Anti-Virus software of a 24/7 Supermarket through AVG Cloudcare. Unfortunately, they have not heeded our advice regarding their backup regime, Internet connection and upgrading of their email accounts. Hence the following consequences.

When one of the clients PC’s contracted a computer virus, we were informed automatically by email and started to investigate. Upon examining the PC we found that the anti-virus program had been removed and the PC was behaving very strangely.

We reinstalled the Anti-virus and immediately started receiving further virus notifications from that PC and shortly after received email reports from the other networked PC’s and the Microsoft Server 2008. It was clear a major virus attack had hit their network.

After further investigation, it became clear that the virus had come from the clients main email. Viruses transmitted through emails will not only take down the PC they are opened on but can quickly spread to attached servers and backup drives and devices, disrupting or disabling all systems until removed..

The only effective way of completely removing viruses off a network is by using an Anti-Virus rescue software such as AVG Rescue or Avira Rescue and possibly rebuilding the server. Unfortunately, this requires taking the servers and PC’s offline for 4 – 24 hours by booting them to a Rescue CD/DVD or USB. Unfortunately this operation cannot be done remotely and requires a technician to be on site to perform the operation. This can be very costly if the devices are in a remote or rural location. The supermarket in question had to suspend trading for a day while their server was scanned, viruses were removed and the operating system rebuilt.

The majority of supermarkets use a proprietary software POS management system such as Grocery Manager, Surefire, MYOB Retail Manager, etc. to connect the POS computers (Tills or Cash Registers) to a Server where the main program runs and collates data and stock control. In addition to the cash-registers and server will always be at least one back-office PC for label printing, emails, ordering accounts etc. The POS computers are usually very basic computers or dumb terminals that only connect to the server and have little interaction with the outside world whereas the server and the back-office PC will most certainly be connected to the internet.

In this instance a virus infection on the server corrupted elements of the operating system, which in turn effected the POS software and the terminals ability to communicate with the software.

The clients e-mail systems were not setup by the IT guys and are still using the old POP3 email protocol where the mail files reside locally on the PC. These type of mail files tend to become very large and easily corrupted if attacked by viruses. In this case once the viruses had been removed, the email files had to be rebuilt and restored, which turned out to be quite a lengthy process in addition to restoring the server systems.

Although removing viruses from PC’s is quite straight forward, removing them from a server is not and a complete server rebuild and backup restore is often required. This process can take many hours, even a few days and may mean severe business disruption.

Prevention is ALWAYS better than CURE and this can be achieved by implementing ALL of these suggestions.

  1. Using monitored Anti-Virus software such as AVG Cloudcare.
  2. Local backup rotated and checked on a regular basis (PC’s/Servers) to a NAS drive.
  3. Offsite/Cloud backup updated daily such as CrashPlanPro or ReadyCloud
  4. All email accounts setup on hosted-exchange platform such as Microsoft Hosted Exchange.
  5. Upgrading Internet to HFC, NBN or Fibre to facilitate quick Cloud backup and restore.
  6. Educate workforce on how to identify bogus emails and websites.

 

Our Preventative Maintenance Plans start from $66 per month, we offer 4 plans:

  • Cloud Backup Plan – setup and installing cloud backup only, we monitor the cloud backup monthly.¹²³

  • Basic Remote Backup Plan – monthly remote checkup of your local backup¹²³

  • Onsite Backup Plan – monthly site visit to check computers and servers and local backup¹²³

  • Comprehensive Backup Plan – monthly site visit to check computers, servers, local and cloud backup¹²³

  1. All plans include a FREE remote or on-site Audit of your companies IT systems before we recommend which plans would be the most suitable.
  2. All plans may require the upgrading of email accounts. Users of Microsoft Outlook often have very large email files with multiple folders and emails going back many years. Due to the size and nature of older Outlook data files (.pst and .ost) they may not be able to be readily backed up, especially to a cloud backup source and will need to be moved to a hosted exchange platform
  3. Cloud backup plans are only viable given reasonable internet download and upload speeds. Internet speed and NBN/HFC/Broadband availability will determine our recommended backup regime.

 

IT disasters – a 24/7 Supermarket with multiple virus infections.

IT disasters – A private organisation with FileCryptor Ransomware

http://dev.itguyswa.com.au/it-disasters-bakery-corrupt-myob-backup/

http://dev.itguyswa.com.au/it-disasters-medical-practice-cryptolocker/

 

Need more help?

If you live in Western Australia, and you need any kind of computer help, please bring your computer to us at 315 Rokeby Road, Subiaco, Western Australia or call us out. You can contact us here or call:

08 6365 5603 
Alternatively click on the Green “Support” button in the bottom right hand corner of the screen and leave a message.Microsoft Silver Certified Partner - Small and Midmarket Cloud SolutionsFor instant remote control support download and install our TeamViewer remote control software By Clicking Here and following the instructions found on this page

Leave a Reply

Your email address will not be published.