3 Ways to Recover from Ransomware Attacks

February 23, 2017

5:50 pm

Ransomware has become a $1 billion-per-year industry, and the threat is exploding. While a recent cybersecurity report identified 3.8 million unique ransomware attacks in 2015, that number skyrocketed in 2016 to more than 638 million attacks. Because ransomware attacks are typically initiated through email, they can affect businesses and organizations of any size. No one is immune.

A typical ransomware attack begins when an unsuspecting user clicks on a link, downloading software that encrypts the files on their computer or device. Unless the software is stopped, it will spread to the server network and encrypt all of the important data on the central servers. The software then sends a ransom demand, often for hundreds or thousands of dollars in Bitcoin, which must be paid before the hackers will provide a decryption key. If the ransom isn’t paid immediately, the price will escalate.

How can your business recover from a ransomware attack, get your data back, and make sure it never happens again? By following these three key steps, that’s how:

Damage Control

In a recent survey, 40 percent of corporate victims reported that ransomware spread across their networks from a single device. As soon as you discover that a computer or device has been infected by ransomware, it’s imperative to take it offline. That way, you can isolate it from the network in order to prevent the ransomware from spreading. Otherwise, you could end up paying the ransom only to find that the infection has spread elsewhere on your network, forcing you to start all over again.

In some unfortunate cases, the criminals behind the attack may try to extort additional ransom payments for each infected computer.

Evaluate Your Loss

If your system has been hit by ransomware, don’t assume you can call IT to fix it. The programs used by these hackers utilize complex mathematical formulas to encrypt your files. Realistically, your only options are to pay the ransom or lose your data. There is no third option.

You need to evaluate the situation: is this going to be damaging to our business if you don’t get these files back? Unless you have the capability to restore the entire server from the backup, your only option to get your files back is to pay the ransom. Unfortunately, because you’re dealing with criminals, paying the ransom is no guarantee that your files will actually be returned to you. It’s entirely possible that you may pay the ransom and still lose your data.

Protect Yourself Against Ransomware

In the aftermath of a ransomware attack, the first order of business is to create a reliable backup. Maintain the backup and test it on a regular basis to verify that it will be ready if you ever need it. That way, if your system is infected by ransomware again in the future, you’ll be ready.

There are other steps you can take, too. Set up anti-spam to block suspicious messages before they land in anyone’s inbox. Make sure your network firewall is in place and install antivirus software both on your server and at all workstations. Finally, train your users to be aware of suspicious-looking emails. Before they click any links, instruct them to call your IT professional.

Read more about cybersecurity here on Tech.Co

Did you like this article?

Get more delivered to your inbox just like it!

Sorry about that. Try these articles instead!

Tom Andrulis is the president of Intelligent Technical Solutions, which helps businesses across Nevada and California thrive by managing their networks, cloud services, phone systems, and internet connections.

Leave a Reply

  • (will not be published)