The client is a South Asian healthcare provider delivering advanced patient care through integrated practice units, superior infrastructure, medical facilities, and clinical services.

The on-premises data center of the healthcare provider was attacked by ransomware, which called for efficient threat resolution. During the failback operation, they were attacked again, and PACS (picture archiving and communication system) showed signs of being infected by the virus.

CCS Cloud team was judicious when assessing the situation at hand and carried out the recovery with extreme caution.

Isolating the affected servers took precedence over DR enablement.

Post isolation, CCS enabled DR through the Azure Site Recovery console.

CCS worked with Microsoft to restore the data from Azure to get the PACS up and running and used shippable devices to transfer data to the on-premises NAS (Network Attached Storage) server – in an offline manner.

CCS moved about 7 TB of Azure VM data (PACS VM) to the Azure storage account.

Given latency issues, CCS sent a hard disk to the Microsoft data center and subsequently copied the received data to the client’s on-premises server.

To avoid future issues, we recommended and helped the client to implement security best practices.