Organizations from many sectors have recently fallen victim to the popular cyber threat known as ransomware. As per the Malwarebytes survey in the year 2016, the UK businesses are found to be the largest number of victims being hit by the ransomware in the world. It also proved that UK businesses were also more likely to pay the ransom, which was almost 60% as compared to a survey average of 37%. So, if your corporate server is infected by ransomware, at least feel happy that you’re not alone.
Today, ransomware has become a big threat to companies and the bad news is that it’s on the rise. It has increased in frequency and severity and become a standard part of the company’s daily threat landscape. You won’t have any recovery option from ransomware if you haven’t prepared yourself for the attack. So, how well you have planned and prepared for ransomware attack decides how quickly and effectively you can recover from the ransomware.
Before you’re attacked
The steps given below can help you to reduce the impact of ransomware attacks on your company’s system.
Protect distributed data
Arrange for regular backups across devices, desktops and cloud apps. Using a cloud backup is the best way as it provides off site storage.
Backup distributed data
Employ a backup plan or strategy that covers 100% of your user base. If not, review and validate your backup plan to make sure that all the end user data are protected.
Review the scope of your backup data
Ensure that you are protecting all the sources where the critical business data are stored. This lets you to restore all the data when there is an attack.
Check Backup Frequency Across Distributed Teams
It is highly recommended that you backup your data every four hours and every two hours for important users. You can also choose a different backup frequency based on the different users and their importance.
Check your retention policy
Your data retention policy might vary depending on your industry’s rules, regulations and policies. But having a longer retention policy will help in longer data retention and easy data recovery.
Test your backups frequently
Having a backup is not a “fix it and forget it” solution. Regular backup tests should be conducted to ensure that you have a strong back, which is more effective to protect your data when there is a ransomware attack.
After the attack
Don’t pay the ransom
You might be tempted to pay the ransom thinking that you can get back your data quickly, but there is no guarantee that the attackers will unlock all your files after the payment. Do not make the payment.
Disconnect the infected device from the network
Once you find out the infected device, immediately shut down those systems. Usually ransomware spreads through a network connection, so the quicker you disconnect the systems, the better you can stop spreading the infection. You can also take all your drives offline till you find out all the infected systems. Keep on monitoring whether any new files are getting infected.
Find the source
Take steps to find out who experienced the symptoms of the attack and when was it. Find out whether it was from an email or unusual prompts from the web browsers. Knowing these details will let you know how the malware got into the system and will also help you prepare for any future ransomware attack.
Alert all the users
Send a notification to all the users about the attack so that they all will be aware of what is happening and what they can do for it.
Restore the data from backup
The best method for data recovery without paying the ransom is to retrieve the data from your backup. Using your automated backup solution and the information about the attack, you can go back to the uninfected snapshot of all the user’s data. You can get the help of an expert data recovery company to retrieve back the data safely. Data Retrieval Ltd is one of the best data retrieval companies for data recovery in London, offering best data restoration services for businesses, organizations and home users who are experiencing a drive failure.
Reimage the infected system
Reimaging the infected system is the only way which can give confidence to your organization that ransomware has been completely removed.
Thus, having a comprehensive backup plan is the only way to recover from a ransomware attack. By following the above steps you can reduce your company’s exposure to ransomware or any other malware risks.