If you are not prepared, ransomware can be expensive. When one law firm was attacked, the total cost added up to $725,000 between the paid ransom and lost business. The attack began when a lawyer at the firm opened an infected attachment, and the infection spread to the firm’s entire computer network. To get their encrypted files back, the firm had to negotiate with the hackers and pay a total of $25,000 in ransom to a bitcoin account.
While the cost of these attacks can be substantial, there are ways to minimize your loss. By putting the following into practice, you can keep ransomware from negatively affecting your business:
- Before you are hit: back up everything.
All data should be backed up on a regular basis. Look into cloud services that will do this for you automatically. That way, should an attack occur, you do not have to choose between paying the ransom and losing your data. Back-ups must be made before an attack, not after one; you do not want to risk infecting your back-up files.
- Disconnect and shut down the infected computer immediately.
Once ransomware hits one networked computer, it can migrate to other connected ones. The second you see a sign that your computer has been compromised, shut it off and summon someone from IT. They will be able to start the computer safely to diagnose the problem and determine whether further action should be taken.
- Decide whether to pay the ransom.
Ending the attack is not enough. In most cases, your computer’s files will be encrypted in a way that makes them useless without the decryption software. If your data is not properly backed up, paying the ransom may cost less than going without the files. Remember, however, that paying the ransom does not guarantee you will receive a decryption key. Even if you do receive a key, there is no guarantee it will work. Lastly, paying the ransom emboldens the hackers and shows that you are an easy target who would pay again. As you can see, there are pros and cons to paying the ransom. The best option is to purchase cyber coverage in advance, as cyber insurers have highly trained experts who will work to retrieve your locked data and restore your IT systems without caving in to hackers.
- Make a plan for the future.
Once the current attack has been handled, learn how it occurred and what actions you can take in the future to avoid another incursion. A lot of ransomware comes from infected attachments. Create a policy regarding the handling of attachments, such as how to screen them before deciding whether they should be opened. You can also install filters on staff computers that will prevent visits to the sorts of compromised sites that may carry ransomware.
As hackers get more clever, it’s vital to stay alert and informed. By being vigilant against future attacks, you can keep your systems running and avoid costly ransoms and delays.