I'm about to start slapping clients

Chadhardy

I'm not sure about you, but I take the problems my clients have to heart. When their business is down and they're stressing I stress too (probably not as much, but I do). When they lose data I have a knot in my stomach as well. Well the past two days have been the most stressful I've been in quite a while.

An attorney client who's not on a MSP plan with me got hit with the TeslaCrypt 3.0 RansomWare and it took down his laptop as well as their server. I'm impressed with the level these virus writers go to to make sure you pay the ransom. The backup was infected (external HD), system restore points erased, no shadow copy, no files were deleted so undelete software doesn't work, etc. There are some smarter people than myself over at BleepingComputer that have been able to decrypt previous versions of this locker, but this new version is using RSA-4096 whereas the previous versions used RSA-2048 and has additional steps to decrypt that the previous didn't. Needless to say we're paying the ransom to get the files back. To make things worse the attorney didn't want to set up an account and purchase the Bitcoin to pay because he's thinking the virus writer would steal all of his money blah blah blah. So I finally got cash from him, set up my own account, purchased the BTC and in about an hour when everything clears will be sending over the ransom payment.

Then today a friend calls me up who has a small accounting company and his external drive with all of his Quickbooks files on it has crashed. Asked him about his backups. That was his backup. He ran the Quickbooks files off of the external and had no other backups. Now I'm waiting for him to bring the drive by to see if I can recover any of the files.

So, I'm about to get rude with my clients and tell them how important it is that they use me to provide a good anti-virus, back up their files and manage their computers. I posted on Facebook yesterday about this new virus and made sure to tag some clients. *Crickets* No likes, no comments, silence. I half expected a few of them to reply with a "Come by my office so we can get set up!" - but nope.

I'm sending out an email today to each of them to try and hammer home the importance of this. I probably won't physically slap them, but I feel like they need a good tongue lashing.

On a separate note I'm rethinking my entire backup strategy after dealing with this TeslaCrypt. Since most backup programs grab the files either on a time schedule or on change then they would be backing up the encrypted files. So I need to make sure the backup system I'm recommending has versioning built in. This particular virus also encrypts Dropbox and I'm assuming Google Drive and OneDrive files as well since those files are synced.

Sorry for the rant, but I think I'm about to become a raving lunatic when it comes to backups :-)
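
The versioning concern raised in the post above, as an added example that is not part of the original thread: a check a backup job could run before pruning older versions, which holds rotation when most previously known files have vanished or turned into high-entropy data. The function names and both thresholds are assumptions chosen for illustration.

```python
import hashlib
import math
import os
from collections import Counter

ENTROPY_LIMIT = 7.5   # bits/byte; assumed cutoff, encrypted data sits near 8.0
CHANGED_LIMIT = 0.5   # assumed: hold if over half of the known files look bad

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def scan(root: str) -> dict:
    """Map relative path -> (sha256 hex, entropy of the first 64 KiB)."""
    out = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                data = fh.read()
            rel = os.path.relpath(full, root)
            out[rel] = (hashlib.sha256(data).hexdigest(), entropy(data[:65536]))
    return out

def should_hold_rotation(previous: dict, current: dict) -> bool:
    """True when the new scan looks like mass encryption of known files.

    A known file counts as suspicious if it is now missing, or if its
    content changed and the new content is high entropy. Ordinary edits
    to documents change the hash but stay well under the entropy cutoff.
    """
    if not previous:
        return False  # first run: nothing to compare against
    suspicious = 0
    for rel, (old_hash, _old_entropy) in previous.items():
        new = current.get(rel)
        if new is None:
            suspicious += 1          # gone or renamed since the last scan
        elif new[0] != old_hash and new[1] >= ENTROPY_LIMIT:
            suspicious += 1          # rewritten with random-looking bytes
    return suspicious / len(previous) > CHANGED_LIMIT
```

Already compressed formats are naturally high entropy, so the check keys on files whose content changed since the last scan rather than on entropy alone.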
 
chadhardy,

I feel your pain. I also worry more about clients' data than they do themselves. I think a lot of us do because we understand the pitfalls of technology. I think most clients understand this too; however, there is usually someone who swoops in to save them. So they figure what the hell let's just roll the dice again. If they're not going to pay for someone to regularly manage their backups and/or pay for good product(s) that will give them the possibility to pull from multiple restore points then they're SOL in my book! (you need to make sure your service agreements state "you're not liable" before you engage or you're going to be in a world of hurt one of these times because data is worth money to people)

Fact is that backups need to be touched every once in a while to make sure:

1. that they've been running
2. they can be restored from (doing test restore)
3. they're up to date with latest software

It's not just set it and forget it.

My two cents, Brian
 
1. that they've been running
2. they can be restored from (doing test restore)

The biggest issues I see with backups, and in that order. Can't tell you how many times someone called up about lost data, crashed drive, etc. "Oh yeah, we've had our backup running" And the last backup was a year old, Time Machine customer. LOL!!!

While I try to impart a sense of urgency when I'm working on their systems it's gone when I'm done and they do not implement my recommendations. It's their business and theirs to succeed or fail.
 
Wow that sucks. I would love to hear if after you pay the ransom the files unlock. I had a small company do the same thing with their Quickbooks. Running it off a usb hard drive. But if it is only there it is not a backup. I always preach a 3 step approach (the original, onsite backup and cloud backup). I always tell them if there is a fire it will not go around the usb drive or a theft the thieves will not be kind and leave you a copy!
 
I've stopped allowing myself to stress over clients that don't listen about backups or other common sense things. If something happens I charge them my emergency rate and handle the issue. They can pay now or really pay later when they don't listen.
 
@Rosco It looks like the decrypt worked. When it decrypted the files it left the encrypted ones as well so now I'm removing the encrypted versions and about to make a clean backup of the good files. Tomorrow I've got to do the same with the attorney's laptop. Then we're having a serious conversation on how to move forward.
 
I'm not sure about you, but I take the problems my clients have to heart. When their business is down and they're stressing I stress too (probably not as much, but I do). When they lose data I have a knot in my stomach as well.
Some of us are built that way, we care and will do everything within our power to get the client back up and running as soon as possible. Sometimes it keeps us up all night to deliver their system back the next morning, working.
 
I think most clients understand this too; however, there is usually someone who swoops in to save them. So they figure what the hell let's just roll the dice again.
Take that as a sign to raise your rates. If you are too affordable in "bail out your ass" mode then MSP rates will never look attractive.
 
One note, for Dropbox at least I suspect the previous versions would be clean since I'm pretty sure they're only accessible through the web interface. On the other hand A) I'm not sure that there's any way except one-at-a-time to deal with them and B) Most attorneys (and medical people) should NOT be storing privileged data on Dropbox.
 
You are too nice. There is no way I would have paid the ransom on behalf of any of my clients. If they wanted to pay... that's on them. Also, if my client was given the option for us to maintain their backups and they choose not to do it... then I no longer feel as bad for them. I refuse to run around like a "chicken with my head cut off" (break\fix) anymore when clients didn't listen. This is why for our managed services client, we require them to use us to maintain the backups... no exceptions anymore.
 
Wow that sucks. I would love to hear if after you pay the ransom the files unlock. I had a small company do the same thing with their Quickbooks. Running it off a usb hard drive. But if it is only there it is not a backup. I always preach a 3 step approach (the original, onsite backup and cloud backup). I always tell them if there is a fire it will not go around the usb drive or a theft the thieves will not be kind and leave you a copy!

Implemented the same thing on my client, running her Quickbooks backups on a flash drive when I got there her original drive was already starting to fail. After all said and done we now got her set up properly, but it took that close call to make her open up her eyes.

Truth be told, we all talk about backups until we are blue in the face but very few clients listen to it. Those that take your recommendations, respect it, and want it implemented just get moved up the queue when they call with any problems.
 
There are a few clients here that have no Quickbooks backups. They only run it off a flash drive. I would love to "accidentally" take those flash drives back to the shop with me and then when I get the frantic call say "I thought you said you would never lose it or it would go bad?" Of course they would just end up getting angry at me and probably complaining to my boss so not the best way to prove a point I guess.
 
I've stopped allowing myself to stress over clients that don't listen about backups or other common sense things. If something happens I charge them my emergency rate and handle the issue. They can pay now or really pay later when they don't listen.
I too used to take these things personally, but now I just keep reminding them about backups until I feel they have tuned me out.

I went to a business client last week, and saw he had the service sticker from a big box store on his personal laptop. I asked about it and he said that the hard drive crashed and he didn't have a backup. He admitted he was too embarrassed to call me because he didn't take my advice and went somewhere else.
 
I too used to take these things personally, but now I just keep reminding them about backups until I feel they have tuned me out.

I went to a business client last week, and saw he had the service sticker from a big box store on his personal laptop. I asked about it and he said that the hard drive crashed and he didn't have a backup. He admitted he was too embarrassed to call me because he didn't take my advice and went somewhere else.
So now he has a new drive that was probably installed by someone who flips burgers at night.
 