The IT division was responsible for multiple critical business operations which include the SQL Server databases, file shares, and customer loyalty systems. All of which were based on an on-premise data center. They ensured that they used best practices to protect the apps and data while also ensuring they had security up such as firewalls and a virus scanner. They also made sure to keep employees who had access to the corporate network aware of risky actions on the internet through training.
They were using Veeam to back up their primary data center while storing their backups locally and replicating to a remote site on a separate building on the property. All of this done through the corporate WAN. They also made sure to backup and test regularly to ensure that they could recover in the case of an unforeseen disaster.
However, even with all this precautions in place, there came a day when departments across the organizations contacted them saying that they could not access their applications. They could not find the problem until they saw that ransomware had started popping up on their screens.
No matter how much you train someone, as humans we are prone to errors. Someone clicked a link and infected the network. What made the situation worse, the ransomware actively sought the backup and immediately infected it as well.