Ransomware is a type of malware that encrypts your data until the ransom is paid. There are many types of ransomware, including CryptoLocker and Petya. It is constantly changing, which makes it difficult to protect yourself against. Even though the ransom is on average $4,300, it can cost as much as $46,800 to shut down a single attack.
What should you do if ransomware is a problem? This checklist will help you make sure that you’re taking the correct steps.
1 Turn off infected systems right away
To prevent spreading the virus, turn off Wi-Fi and Bluetooth on infected devices. Disconnect any storage devices, such as USB and external hard drives.
2 Determine the ransomware strain and the scope
Ransomware is usually identifiable so knowing which strain you have can help you determine how to get rid of it. This information is useful for reporting an attack. Next, find out how many devices were affected and what data was encrypted.
3 Report the ransomware attack
Not only should you inform your company about the attack, but it is also important to notify the FBI and your local authorities, depending on where you are located. This will help them understand ransomware’s impact on victims and how it works.
4 Evaluate your options
You have two options if you don’t have backup: do nothing, lose your data, or use a third-party decryptor to decrypt your files. You can also pay the ransom if all else fails. However, this increases your chances of being targeted again.
5 Prevent future ransomware attacks
Your employees must be educated about cybersecurity awareness to prevent future ransomware attacks. Endpoint security should be a priority. This can include a firewall or a third-party service that protects against ransomware. A business continuity plan should be implemented. Although ransomware attacks can’t be prevented, business continuity can help to prevent them from happening.