You’ve been hearing a lot about preventing ransomware but what if your business has been caught off guard and disaster has struck? Your organization has come to a stand still and is compromised thanks to the latest and greatest ransomware threat that emerged over night. What should you do? RCS’s certified technicians are here to not just prevent but also assist in recovering from disasters like ransomware attacks with the help of our partners like Datto, Sophos, and StorageCraft.
So what should you do first?
First you’ll need to stay calm and try to retrace your steps to see if you can find where this attack occurred. For example was it a new document that was opened? Ransomware can even hide within an attachment or link in an email as well as on a website you or another user visited. If you are unable to perfectly recall where the ransomware first appeared it’s all right. Whether you were able to retrace your steps or not you should turn off your computer and if you can, also disconnect it so that you minimize the risk of your device possibly infecting other computers using your network.
Should I pay the ransom?
Just paying the ransom to retrieve missing files may seem to be the simplest and fastest solution but it unfortunately can backfire. By agreeing to pay the ransom you are trusting the hacker to immediately return what they’ve stolen and locked away, but on several occasions hackers have often just taken the money and disappeared. These cyber criminals have also become extremely difficult to track as they usually request their payments to be made in cryptocurrency such as bitcoin so that they can hide and go undetected on the network with their new funds. Because of this if possible it is important to avoid paying the ransom.
A way to decide on whether or not you should pay the ransom is based off of if you have backups of your devices or not. If you do then you can safely restore all of your infected devices to a state before the malware attacked. As for the missing files that the ransomware has locked away it will need to be determined if the files are of value or not. If the files can be replaced then you can avoid paying the ransom. However, if the files are of extreme value and cannot be replaced then paying the ransom will have to be considered.
Once you’ve determined you have ransomware, where it possibly came from, and have disconnected the infected device you should quickly inform everyone in your office or network of the threat and contact your IT provider so that they can take the appropriate steps of restoring your device and removing the malicious malware.
Recovering from disasters as quickly as possible is what our certified technicians are trained to do for our clients just like our partners Datto, Sophos, and StorageCraft. Providing efficient disaster recovery and prevention plans is our specialty and should you ever suspect your device may be infected then give us a call right away and we will work with you and our partners to solve the problem and get your business back on its feet!
By Resource Computer Solutions