Ransomware is a serious cybersecurity threat today. We often discuss how you can make sure you don’t fall victim to a ransomware attack, but we don’t often address what happens when one occurs. In today’s blog we want to talk about what your organization should do (and also what it shouldn’t) if a ransomware attack happens to you, as well as things you can do to stop it happening again.
If you see a message claiming that your computer files have been locked down by ransomware, you’ll be scared. But don’t panic just yet. It’s possible that your device isn’t actually infected. In a recent development, threat actors have begun staging ‘fake ransomware’ attacks. Because it’s increasingly well known that ransomware can be incredibly dangerous, some cybercriminals make money just by creating fear that prompts the recipient to pay up.
You should not just leap into action and pay the ransom. You don’t know yet how bad things are, and there’s no benefit to be gained from acting impulsively. Instant payment sends out the message to hackers and cybercriminals that this is an effective scam that’s worth perpetrating again and again, targeting other victims.
Your first step should be to contact your trusted IT resource right away, so you can quantify the danger. It might be possible to restore your data from a backup created just before the attack commenced, though this may not work if the hacker is using double extortion (such as threatening to release the stolen data online if you don’t pay). Whatever the situation is, consult with your IT advisor and find out what your options are before taking any action.
If you’ve suffered a ransomware attack, it will surely be a priority for you to make sure it never happens again. The way to do this is to ensure that hackers can’t infect your IT infrastructure and kidnap your data in the first place. Comprehensive security measures can keep threats at bay and keep the chances of another attack to a minimum.
We also recommend that you use multi-factor authentication to control access to your systems. All your staff should be trained so that they are well versed in the security measures that protect your infrastructure and the reasons why cybersecurity is so important. If your employees are well trained, the chances of a dumb mistake that enables a social engineering attack should be significantly lower. You should also pay attention to your user access controls.
Quikteks can help you put measures in place to prevent ransomware attacks. We also offer cybersecurity training, so that your staff will be familiar with how these attacks happen and what they look like when they do. To learn more, call us at (973) 882-4644.