As more and more businesses adopt new technologies, the more susceptible and vulnerable they are to cyberattacks. According to a 2017 report from AT&T, 80 percent of companies acknowledged that they experienced some form of a cyberattack. Fast forward to 2020, these incidents have become even more common. It has come to the point that falling victim to a cyberattack is no longer a question of “if,” but rather “when.”
One of the most common cyberattacks these days is ransomware, which is a type of malware that encrypts your data, effectively holding it hostage, until a ransom is paid. This type of malware comes in many forms and is continually evolving, making it more challenging to fight against. While the average amount of ransom requested amounts to $4,300, the average downtime it causes can cost as much as $46,800.
If you’re running a small business, you may not have the resources to invest in tools that can safeguard every aspect of your network. However, at the very least, you should have a contingency plan in place.
Last week, we went over five security components for defending against ransomware. Putting strong security measures in place can keep your systems from being infiltrated in the first place. If your network has already been infected, however, you’ll need to mitigate the impacts.
Refer to this checklist to ensure that you’re steering your company in the right direction:
1. Shut down infected systems immediately
You don’t want the hackers to encrypt more of your data, so instead of waiting for the ransomware to spread, it’s best to immediately power it off and disconnect it from the network. Also, make sure to turn off connections like Wi-Fi and Bluetooth, as well as unplug storage devices, such as a USB flash drive or external hard drive.
2. Determine the strain and the scope
The strain of ransomware refers to which type of encryption was used in the attack. Ransomware usually reveals what type it is, so it would not be difficult to figure out which strain it is. Once you determine the strain, it would be much easier to remove it. This information also helps when you report the attack. After determining the strain, the next thing to find out is the number of devices infected, as well as the data that was encrypted.
3. Report the incident
You should let the rest of the team know about the attack, so they’re aware, and you should also report it to the FBI and local authorities. That allows them to gain a more thorough understanding of the ransomware that attacked you and its impact on the victims.
4. Evaluate your options
The best thing to do after you’ve confirmed a ransomware infection is to restore your data from your offsite data backup solution. If there isn’t a backup solution available, then you have the following options: (1) do nothing at all and let go of the data lost, or (2) decrypt your files using a third-party decryptor. If none of these are ideal, you can succumb to paying the ransom. However, it’s important to remember that this option may only increase your chances of being targeted again.
5. Prevent future ransomware attacks
If you get targeted by ransomware, do everything in your power to prevent it from happening again. Make it a point to educate your employees on cybersecurity awareness. Invest in a firewall with security services such as intrusion detection and prevention and country filtering. Click here to see our recommended security solutions
Following the steps above can help you mitigate the damage of ransomware should your company fall victim to it. If you need help in securing your systems, get in touch with us. We provide IT solutions tailored to your needs!