What To Do When You Are The Victim Of A Ransomware Attack

December 20, 2020 | By: Scott Lard

As a business owner, you likely take a variety of preventative steps to protect your business assets, staff, and property. But are you taking steps to protect your business IT systems and data? This is an important consideration for modern businesses because cybersecurity threats such as ransomware pose serious risks to businesses of all sizes. The long-term effects of a ransomware attack range from devastating financials to the destruction of business IT systems, making education regarding ransomware a top priority for businesses in all industries.

Here we’ll discuss what ransomware is and how to properly navigate a ransomware attack

what to do when you are the victim of a ransomware attack

Ransomware is a type of malware which infects computer systems through websites, downloaded applications, spam emails, phishing emails, or social media. Once ransomware has infected a system, it encrypts all of the systems files, effectively shutting off the user from their own personal data. Ransomware cyber criminals will then demand a ransom, typically requested through Bitcoin, in exchange for the decryption of the files and full restoration of the system.

Although there are other types of ransomware and associated malware, this is the most common variety that business owners experience.

What types of businesses are susceptible to ransomware?

Ransomware can affect any and all businesses, regardless of industry or size. Ransomware attacks are on the rise across all sectors of business. As the number of widespread attacks increases, it is the view of most IT professionals that all businesses will at some point be exposed to a style of ransomware over time. The key to recovering from an attack is dependent on two things – how well the business was prepared for cybersecurity issues such as ransomware before the attack and how educated the business is on how to navigate the attack itself.

Prevention is Key

Unfortunately, once a business has been the victims of ransomware attacks there is little that can be done. The best way to handle ransomware attacks is to avoid them at all costs. To help prevent ransomware attacks, businesses can take a variety of steps, including:

  • Employee training on spotting suspicious links and best practices regarding business computer and application use
  • Implementation of antivirus programs
  • Keeping operating systems and software updated regularly
  • Having a reliable, fail-safe backup system for all business data and files
  • Working with an experienced IT consulting firm on how to strengthen business IT security
what to do when you are the victim of a ransomware attack 1

What to do if business systems are victims of ransomware?

If your business has been the victim of a ransomware attack, there are steps you can take to ensure the best possible recovery.

Firstly, you should try to identify where the infection began and isolate that computer or device from every other device in the system. You can do this by disconnecting the computer from the network, including Wi-Fi, and from any storage devices. As with any cybersecurity attack, there can be multiple infected computers, so it is best to treat all devices as if they are infected.

Once the infection has been isolated, the next step is to identify what type of ransomware is attacking your systems. This can be done by searching ransomware identification websites or with the help of an IT professional. No matter how you choose to identify the ransomware, it is important to then notify the authorities. The FBI recommends that victims report all ransomware attacks so the authorities can better coordinate efforts to prevent and stop ransomware criminals.

The next step is to determine how you will deal with the infection. Typically, with ransomware your options are to pay the ransom, try to remove the malware from your system, or wipe your system clean and start from scratch. It’s important to know that even if you pay the ransom, the odds of your system and data being returned to you are low so that is not generally the recommended option. For those businesses with a solid backup of system data , wiping clean is usually the best option as it ensures 100% eradication of the malware. However, not every business has backup and disaster recovery plans in place. This can make navigating a ransomware attack much more challenging. Typically, it is best to have a reliable IT provider to help you navigate a situation such as this.

WANT TO DISCUSS WITH AN IS&T REP?
Contact us today to discuss your new projects!