Microsoft Cloud IT Pro Podcast

Episode 396 – Lessons from a real-life ransomware attack

Feb 27, 2025
Discover the harrowing details of a ransomware attack on an on-premises VMware setup. Learn about the critical vulnerabilities that contributed to the breach, especially the importance of regular updates and robust password policies. Explore how improper backup solutions can exacerbate the damage and the necessity for a solid disaster recovery plan. The conversation also emphasizes the impacts of firewall vulnerabilities and the effective 3-2-1 backup strategy for ultimate preparedness against future threats.
ANECDOTE

Ransomware Attack Narrative

  • Attackers exploited unpatched firewalls to create a VPN connection, gaining access without having to compromise a user.
  • They encrypted the ESXi servers and backup servers and corrupted the backup storage, leaving no recovery options.
ADVICE

Patch Everything

  • Patch and update all systems, including firewalls and network infrastructure. Don't assume workstations are the only vulnerability.
ADVICE

Strong Passwords

  • Use complex passwords with at least 12 characters for all systems. Seven-character passwords are easily brute-forced.