What Should You Do?
First, don’t pay the ransom, this may get you into more trouble. Reuters addressed how a company could be prosecuted for paying the ransom to cybercriminals. Remember, the primary reason hackers perform ransomware attacks is because they’ve successfully made money previously.
Second, isolate the infected device to stop the spread by disconnecting the device from your network/internet.
Third, identify what data is affected. You want to know what data you’ve lost so that you can know what data needs to be restored.
Next, identify the type of ransomware you’re dealing with. Then, even if you can’t identify it, report the attack to the authorities. If your business has a disaster recovery plan, this is the time to implement it. Then, if you know what data has been lost you should be able to restore it from your backups. But what exactly is a ransomware attack?
What is a Ransomware Attack?
First and foremost, this attack is malware that prevents victims from accessing personal data and/or entire systems. To regain access to data, the hacker demands a ransom. Cryptolocking ransomware, a.k.a Screenlockers, locks your files with strong encryption. Doxware steals your private data and the hacker threatens to make it public. Ransomware-as-a-service is a service that cybercriminals use to sell ransomware attack viruses to less tech-savvy criminals. There is also ransomware on your mobile device, usually done via social engineering attacks with social media. But the common targets aren’t usually the companies that can afford the downtime.
SMB’s Are Common Targets
A ransomware attack is most often aimed at SMBs since they tend to be less protected, whereas larger companies usually have strong guards. If your company isn’t concerned about ransomware then you won’t invest money or time in security, which makes you a target. An attack can have costly repercussions due to all the downtime created. Back up your data, create recovery policies, utilize next-generation firewalls, and establish and implement safe internet practices.
Of course, the amount of time and energy that goes into recovering from a ransomware infection is much more than the costs of investing now. Consider our Managed Security Services.