I work in IT at a Food processor. In August of 22 we were hit with a massive ransomware attack, they managed to travel to our backups and destroy those as well. Our item file in our ERP was saved and Outlook cache on uninfected PCs meant we recovered some emails. Otherwise the loss was total.
What is the chance we will be hit with another ransomware attack that encrypts our on-site ERP files or a substantial part of our operational files on share point, and that our backups are destroyed or we are unable to recover from them, by 2025?
Background:
We hired a ransomware specialist firm out of California to manage the process, and refused to pay the 2 million dollar ransom they requested.
It looks like they got in through gotoassist, we no longer use that product, we use Datto for remote support with mfa.
We managed to rebuild, get payroll and payments in and out back in a few weeks and we have spent the last year plus implementing a new variant of our ERP software.
From a security standpoint we have 24/7 monitoring, and we went to a new it consultant team with a full stack of security products.
We implemented MFA and Office 365, a password manager, and we use iron scales for email filtering. We require password expiration every 6 months.
As a business to business company we don't have an interactive website or e-commerce, except for EDI.