Client: A leading Managed Services Provider (MSP) supporting nearly 300 hospitals across the U.S.
Business Challenge:
Healthcare is one of the most targeted sectors for ransomware (in the US, attacks against the healthcare sector in 2023 were up 128% compared with 2022), and compromised data can lead to delayed medical procedures, disrupted patient care, and business-threatening costs. The MSP offered a Backup-As-A-Service solution but faced increasing demands from its healthcare clients for more robust ransomware protection.
The challenge? The hospital’s dependency on Internet-connected systems and large amounts of sensitive personally identifiable information (PII) and personal health information (PHI) data render it especially vulnerable. Advanced ransomware can bypass traditional EDR/XDR defenses, lying dormant in backup files until restoration. The MSP risked failing to meet its clients’ expectations for reliable recovery and operational security without a way to ensure backups were free from hidden threats
CLIENT TESTIMONIAL
“We now include Elastio as part of our standard offering – having the ability to validate that our clients’ backups are clean is a critical capability.”
— Product Manager, Managed Services Provider
Elastio Solution
Elastio Ransomware Recovery Assurance Platform (Elastio platform) provided a uniquely fitting solution by addressing both key gaps in the MSP’s offering: 1. protecting against EDR/XDR bypass and 2. validating the integrity of backups.
- Off-host scanning of data at rest: Recognizing that ransomware commonly compromises the VM, Elastio did not scan potentially compromised systems. Instead, it scanned backups and snapshots—ideal data sources at rest—outside the host environment. This approach minimizes the performance impact on production workloads, ensures secure and tamper-free scans through isolation, and provides scalable coverage for large environments without relying on host resources.
- Advanced ransomware detection: Elastio platform’s AI/ML engine, RansomwareIQ, could detect and identify hidden threats, such as LockBit, cl0p, ALPHV, that evade standard defenses like EDR/XDR.
- Backup validation: Elastio ensured the integrity of the backups taken as part of the MSP’s BaaS offering, providing clients with confidence in their ability to recover safely.
Impact:
The value of the Elastio platform became evident when the MSP deployed it for a major hospital. During initial scans of the hospital’s backups, the platform detected dormant Dharma ransomware that had bypassed the hospital’s EDR system.
By exposing this hidden ransomware, Elastio helped avert a potential hospital services shutdown—an incident that could have cost nearly $11 million. This success not only demonstrated the effectiveness of the MSP’s enhanced Backup-as-a-Service (BaaS) solution but also bolstered the MSP’s reputation for delivering robust ransomware protection. Healthcare providers gained confidence in the safety and integrity of their backups, trusting the MSP to safeguard patient data and uphold privacy standards.
Following this incident, the MSP integrated Elastio into its BaaS offering for all customers, significantly reducing backup validation and scanning times by 11x compared to malware signature scanners and ensuring compliance with regulatory and audit requirements.
