The message reads, “Your network has been penetrated. All files have been encrypted. We exclusively hold decryption software for your situation.” Those dreaded words indicate the presence of ransomware and the stuff of nightmares. However, with advance preparation, you can prevent ransomware from crippling your organization.
Thousands of organizations, from hospitals to schools, city governments to corporations, have fallen victim to ransomware. Attacks continue to increase in frequency and sophistication. But your organization does not need to become a statistic. The key lies in minimizing the risk of attack, detecting attacks early and responding effectively.
Organizations can significantly reduce ransomware damage and resulting costs by making wise IT investments before an attack occurs. Surprisingly, despite the billions of dollars lost to cyber-attacks, too many companies fail to implement some basic security measures such as the following.
In the case of cancer or a heart attack, early detection significantly increases the chances for a positive outcome. The same wisdom holds true in cases of ransomware. Ideally, anti-malware will discover and halt ransomware before it causes damage. In addition, teach employees to recognize early indications of an infection and alert IT.
For example, a sudden influx of popups, files that refuse to open or programs that fail to work as expected may all represent a possible attack. Users should also periodically check their Sent folders for emails they do not recognize. Finally, employees who encounter encrypted files, locked drives or ransomware notes should immediately notify security personnel.
Any 12-year old scout can recite the basics of first aid procedures for a broken arm or a snake bite. Likewise, a few early remediation measures can help to prevent ransomware from spreading.
Once a device has been infected, isolate the device and contact your security team. Immediately disconnect the device from the network and remove any external hard drives, USB drives or other devices. Disable Wi-fi and Bluetooth. Next, take a photo or screenshot of the ransomware note. Then power down compromised machines and label them as infected.
When you have isolated infected devices, limit access to the rest of the network. Force password changes across the board so that hackers cannot use previously obtained credentials to gain access.
With stop gap measures in place, you can begin to determine exactly what type of ransomware you are dealing with and develop an appropriate response. The FBI can assist with this process and will usually respond within a day. Do not rush to restore from backups until you know you have removed the hackers from your system. And, do not pay the ransom.
As you work to prevent ransomware, ensure early detection and respond to attacks, enlist the help of qualified security experts. eMazzanti can help you implement comprehensive, multi-layer security and, if needed, walk you through crisis control. For organizations with limited IT resources, we provide reliable managed services to keep your valuable information safe.
The FBI reported that cyber attacks against government facilities saw an increase of almost 36…
In today’s fast-paced, technologically advanced world, businesses of all sizes increasingly rely on digital systems…
You likely hear terms like "blockchain," "machine learning," and "cloud computing" without considering their real…
In today’s fast-paced digital landscape, businesses cannot thrive without effective collaboration. Microsoft continues its unwavering…
An email signature accomplishes much more than simply telling readers who you are and how…
Cyber security professionals work hard to safeguard companies’ information. But with criminals constantly changing their…