Oh it was a hot damn blast.. A day at Six Flags doesn't even compare to this much fun.
It all started when someone decided to open an email attachment claiming that they have a voicemail on their phone and if they click the link, they can hear it. That was about 11:45 am on Tuesday.
I get back to my desk at noon to eat lunch and listen to my voicemail-- On the actual phone, not through email. With a statement like, "This thing says I have 100 hours to pay 300 dollars in bitcoins? Then my files will be usable again? It changed my wallpaper, I like it and want it back."
Yes.. All that stated and they are worried about their wallpaper.
Then I saw what I've been fearing since I caught wind of it. That's when I encountered a virus that I (to date) was actually afraid of.
In the 15 minutes between the attachment executing and when I got my voicemail.. This bad boy had made most of our server side Excel and Word docs unreadable due to file encryption. Not only those but PDFs and god knows what else.. But, our CNC programs and accounting software were still functional because they're on a different server AND they don't have file extensions. They're just "files".
I begin searching this thing out on Bleeping Computer, US-CERT and whatever else.. Yeah, they all say the same thing. Even to this day they say it. I'll summarize for those who don't know, either risk it and pay the fine and assume criminals aren't lying to you OR restore from backup.
We sucked it up and restored from a backup tape and basically lost a day electronically. That and our file server is running Ubuntu 12.04 server and our other two servers - wait - We did have only two, now 2 servers are running Server 2008 R2 and 1 on Ubuntu.
That was roughly 36 hours ago, this is my first night home. After restoring from tape.. Installing 12.04 on our "useless" old MS Server 2004 with ONLY 16 Gig of RAM, preserving what I could with regard to file structure everyone would be used to (Folder names etc..), creating a script that'll map the drives on login and making sure our 2008 servers will see the new file server. I'm done.