READ TIME: 5 MIN
- February 7, 2020
Your company was just hit with ransomware. What next?
Hypothetically speaking, you open your laptop and there it is, a ransom note telling you that all your company’s data has been compromised. Your emails, accounting information, customer data, everything is compromised. The message tells you that there is one way to get the data back and that is to pay large sums of money to the hackers who have your data held at ransom. I’m sure that we can all agree, that sounds like a really bad day.
The harsh reality is that this scenario is not as rare as corporate perception implies. There are mitigating steps that can be taken and most importantly…being proactive is key. Prevention is much more seamless than reaction. Partnering with a managed service provider is the best way to ensure that your data is protected against attacks such as these. But, there are a few immediate preventive steps that should be taken.
- Conduct a 3rd party Cyber Security Risk Assessment. Have your IT provider conduct a thorough cyber security risk assessment to provide an objective view into any vulnerabilities that could put your business at risk. Even if you rely on an internal IT department, this outside assessment will provide the needed insight your business requires.
- Train your employees…constantly. Training employees on best practices in cyber security is a must in today’s everchanging cyber security events. You can even send internal phishing emails that will test your employees as to whether they may accidentally divulge sensitive corporate information.
- Backups, lots of them. Having a backup server on-premise, in the cloud, or (preferably) both provides extra assurance that you can access your files during downtime. In the event your business’ data is compromised, a solid backup that is continually updated and checked will be vital to getting your business back up in running within hours versus days or weeks.
Unfortunately, there are businesses that do not come back from such attacks. The amount of business closing their doors as a result of cyber-attacks can be staggering. Taking the above mentioned initial steps is a start to prevention, but it is only the tip of the iceberg. Take time to meet with your IT provider that will connect you with a qualified cyber security consultant to determine a full cyber security strategy.
Even with prevention, there may come a time when you need to urgently address a cyber security threat to your network. The following are steps to be taken if you find yourself in this situation:
-
Prevent
First, make every effort to prevent a cyber-attack by training your office staff to not click on suspicious email links or attachments. Put all your staff through official cyber security training. -
Unplug
Unplug your network cable from your computer and/or turn off your WiFi. If you are infected, doing this will prevent the cyber-attack from spreading within your office. -
Power Off
If you have any level of concern that your computer has been infected, power off the machine immediately. -
Phone
Call your IT or Cyber Security Service Provider immediately. Whether it’s 3 PM or 3 AM, your provider will take the necessary steps to check your entire infrastructure for possible infection. -
Infected
If you are infected, your service provider may need to restore your system from your Back Ups. Make sure your Back Ups are always up to date.
Beware! Many businesses immediately pay the ransom as a kneejerk reaction. Often, paying the ransom does not guarantee that you will get data back. Consult with your managed service provider before doing this. They will assess the situation and make sure that all factors are considered before creating a solution.
Paying the ransom may seem like the easiest way out, but it brings on other concerns and raises red flags. Once a cyber criminal realizes that you are willing to pay the ransom, they are likely to repeat attacks in order to get the same results- more money in their pockets.
One trend that you may recognize throughout this article is the importance of having a managed service provider before, during and after this process. If your company does not have an outsourced IT department, feel free to contact NexusTek at the link below to discuss options for your business and to be proactive when it comes to ransomware.