When it comes to ransomware, you want to do all that you can to prevent an infection rather than respond to one. Of course, this isn’t always possible, so if you are struggling with a ransomware attack, you’ll need to act quickly to keep it from spreading. Let’s go over some of the steps that you’ll need to take to come out of a ransomware attack without too much scarring.
First, before you do anything else, you need to tell your IT department what’s going on. If you can’t reach them, we are happy to help. Just call us at (866) 546-1004.
If you suspect that multiple systems are affected, you’ll want to take your network down to the switch level. Unplug the switch and disconnect it from the rest of your company’s infrastructure. You want to isolate the problem so that it doesn’t have a chance to grow and get bigger. This extends to your data backups and other devices.
Don’t power down your devices unless it becomes clear that you need to do so. Shutting down hardware means that you won’t be able to trace the attack or track it. You’ll want to know where it originated and where it’s going, if at all possible, and if you shut down your devices, you’ll lose the ability to do this.
Assuming that your entire infrastructure is compromised, you’ll need a way to communicate with others without putting them in harm’s way. Communicate with your team internally through phone calls and text messages whenever possible, just in case your systems are compromised and you need to keep tabs on them.
Communication will be critical as you move forward, especially with your staff and any customers or clients you have. Like with any other type of data breach, you need to prevent cybercriminals from gaining access to customer information whenever possible. Furthermore, knowing what has and has not been stolen will help you keep tabs on your legal responsibilities for notifying your customers that their data has been compromised.
Did you know that ransomware is considered a felony? You need to take action to report it to the appropriate authorities. You can do this by submitting a photo taken by your smartphone.
We hope you’ve been backing up your data, because without it, you’re in for a difficult recovery process. We recommend that you always have a high-quality data backup solution in place; it’s well worth the investment. If you haven’t thought about or tested your data backup over the past six months, you might as well not even have it.
If you have a backup that you can rely on, then things are a lot better… but they’re still not going to be pretty.
Your IT will be crucial for helping you recover from a ransomware attack. They will have to run tests to determine how the ransomware found its way onto your network, as well as other important information to consider. There might be more threats on your network using the ransomware to mask their presence. Most businesses suffering from a ransomware attack will suffer from additional attacks soon after.
In the event that a ransomware attack can be reversed, it will entail a clean wipe of your affected devices. Really, you shouldn’t be storing sensitive information on a workstation, instead opting to store information like this on your servers. Of course, you want it all to be backed up and redundant to have any chance at all of recovery.
The only way to truly combat ransomware is to ensure you don’t suffer from it in the first place. While you can take steps to help the recovery process, we recommend that you be proactive with it now so you don’t have to worry about it in the future.