Partner Success Story
With x360Recover BCDR, Progressive Computing restored 2,500 endpoints representing 80 clients, with 250 servers, in 200 locations, across 7 time zones – all in just 17 calendar days.
Robert Cioffi, COO & Co-Founder of Progressive Computing, says this about their rapid recovery: “We’re scoring this as a 100% victory. Not only did Axcient’s technology work flawlessly, but the support staff that helped us get through that process was just amazing. They were very compassionate about our situation. We had calls not only from their technical staff, but even senior members of their team reached out to ask, ‘what else can we do to help you guys?”
The Reality of a Total Ransomware Takedown Event
It was the Friday before the July 4th weekend when Robert Cioffi, COO & Co-Founder of Progressive Computing – an almost 30-year-old MSP based in Yonkers, New York – discovered that they were the victim of a massive ransomware attack. Hoping to capitalize on the long holiday weekend, a group of hackers used REvil Sodinokibi ransomware to exploit a flaw in Progressive Computing’s RMM platform. The supply chain attack targeted MSPs and has affected between 800 and 1,500 businesses around the world. For Progressive Computing, every single one of their 2,500 endpoints, including 250 servers across 80 clients, plus their MSP, was encrypted.
Equipped with x360Recover for business continuity and disaster recovery (BCDR), Robert felt confident in their ability to recover from an average ransomware attack affecting one endpoint or one client. However, they had not planned for this kind of RMM infiltration and takedown of 100% of their clients and their own systems. Almost a year later, Robert reflects, saying,
“This could have put us out of business, and many of my customers out of business, simply because of the scale and magnitude.” He goes on to say, “Whether or not we were being naïve about the real possibility that something like this could happen, we never thought about our ability to respond in a mass scale sort of way.”
Axcient BDR Technology and Support Enables Rapid Recovery
Robert and his team collaborated with their cyber liability insurance provider to determine the best process for recovery. Based on logs independently verified by two third-party security sources, Progressive Computing pinpointed 10:49 a.m. as the time the attack began. With that information, and Axcient’s 15-minute recovery point objective (RPO), technicians could start restoring servers from 8 a.m. the day of the attack.
From a mathematical perspective, the recovery effort required Progressive Computing to essentially triple in size overnight. With almost 99% penetration, everything needed to be completely destroyed and installed from scratch. Luckily, Progressive Computing had support not only from Axcient, but from the MSP community. Robert had spent years cultivating meaningful connections through peer group involvement and a strong sense of channel unity. What would have taken the Progressive Computing team two to three months to recover, took only 17 calendar days.
Robert says, “Axcient really stepped up. Not just as a technological solution, but as a company who showed great care and compassion when we were in our darkest hour. Their technology worked perfectly and we recovered all 250 of those servers back to their original state. We didn’t lose any data.”
“Hopefully Axcient is your go-to BDR, disaster recovery, business continuity partner because they were invaluable to us. They assigned us some pretty high level engineers that were on the ready, walking us through some problems, helping us understand what a full-scale recovery would look like. You need strong vendors like Axcient to back you up.” – Robert Cioffi, COO & Co-Founder of Progressive Computing
- 100% recovery of 2,500 encrypted endpoints in 17 calendar days
- 0% of data lost
- $0.00 paid in ransom
In addition to the technical support Robert received from the community, he largely credits platform standardization for the recovery success at Progressive Computing. In fact, his number one piece of advice for other MSPs – from a profitability, efficiency, and scalability perspective – is to standardize on a single platform. Robert explains, “I’m the example of why you should only have one. Your technicians get to know that product or solution the best. They can’t become masters of five different BDR technologies. They just simply cannot. And if we were in that position, with multiple DR technologies, I know that the recovery efforts would have taken considerably longer.”
Looking ahead, Progressive Computing is focused on educating clients about additional protections, like workstation backup and centralizing on a server. They are spinning up a lot more x360Recover Direct-to-Cloud deployments for hardware-free BCDR. Unfortunately, Robert and Progressive Computing continue to deal with the fallout of the attack, and are reevaluating their incident response plan to prepare for whatever could come next.