Three Responses After a Ransomware Attack

If you are unfortunate enough to be the victim of a ransomware attack, there are basically only three options of recovery available. Ransomware is a type of computer malware that encrypts your data and holds it hostage for money. It has become increasingly common for criminals to attack governments, businesses and non-profit institutions.

Why is ransomware so nasty? Because it steals the most important thing your business possesses. Data. Worse, once infected there isn’t generally a way out. No one can “disinfect” your machine or network. You aren’t going to be able to call in IT support to solve the problem. Basically, you have three options.

1. Pay the ransom. This payment is usually via credit card or bitcoin (a digital currency). Some ransomware viruses even provide help lines if you’re having trouble. Of course, there are no guarantees your will get access to your data – these are thieves you’re dealing with.
2. Don’t pay and lose your data – This has its obvious downsides, unless…
3. You have a safe, clean backup. In that case, you are stuck with the nuisance of restoring your data with the backup, but you aren’t out any money. However, this comes with a caveat: your backups have to be clean. The problem with ransomware viruses is that just making backups may not be sufficient to protect your data, as the backups can be infected also.

As you can see, the first two options aren’t very favorable solutions. The only real defense against an attack is the third option. You have to be prepared ahead of time with a safe, segregated backup. Be sure to get the advice of a specialist on how to protect your data from this very serious threat to your business.

Beyond data recovery, it’s important to consult with your insurer–you likely need to notify customers if there is a chance of Personally Identifiable Information (PII) has been part of the breach as it will likely soon be for sale on the dark web.

Furthermore, the FBI and CISA track these incidents and reporting with one or both agencies is advised. You can find the tools here.

Suffering a ransomware compromise can be an enormous interruption to normal business operations and cost you significantly. Take steps now to ensure you have the means to recover as quickly and efficiently as possible.