Ransomware attacks continue to occur – and no industry is safe from them. When a ransomware attack occurs, employees may feel the only option is to pay the ransom so they can retrieve their files. It’s an unfortunate situation that many are faced with and the process of getting operations back to normal can be overwhelming for many. Here are a few things you should do if you become the victim of a ransomware attack:
Contact law enforcement officials immediately. Government officials are focusing more efforts on cybersecurity, which is a top concern across the country. By contacting the police and FBI in a timely manner, you are helping them spot trends and make potential connections between attacks.
Restore from your last secure offsite backup. Do you perform backups on a regular basis? In addition to having a backup on site, it’s a good idea to have a cloud-based, offsite backup of your data as well. This is one way to recover some of the data you may have lost in the attack as it was likely not compromised.
Determine how the attack occurred. Once you have retrieved your files and can return to operations, it’s time to determine how the attack occurred and take appropriate action to minimize the chance it will happen again. Ensure your operating systems and applications are updated and patched. Test your backups. Formulate and test your Disaster Recovery plan. Tighten your security policies and controls in your environment.
The most effective strategy to stopping such attacks is to build a layered defense within your network. Installing a next generation firewall, updating your anti-virus, conducting regular backups, and developing and testing your Disaster Recovery plan are just a few ways to protect your network and files. It’s also important to consistently provide end-user training for your security policies. For more information on how we can help you minimize your risk of a cyberattack, contact us today.