Ransomware: 5 Things To Know Before You're A Victim
| By: Sean Balogh
Ransomware has emerged as one of the preeminent tools utilized by malicious actors who target the data of businesses around the world. Follow these critical guidelines to help mitigate the impact such an incident will have on your business in the case you are faced with a data breach.
Disconnect, But Don’t Unplug
One critical mistake Ransomware victims make time and again is rushing to shut down their machine at the sight of a ransomware prompt. This is a terrible response because it will make data forensics a much more arduous process for in-house or external teams attempting to unravel the source, extent, and possible resolution to the breach. In this case, disconnect affected machines from the internet, but do not turn them off.
This is a critical time and your response will dictate the course of your recovery from this unfortunate event. As with many stressful situations that emerge in life, panic rarely results in a favorable outcome. Keep your composure, collect the personnel necessary to evaluate the situation, and prepare to enact your response plan.
The Recovery Plan
You've been breached.This is the moment you prepared for. Follow the steps of your carefully designed plan and follow through on every step as you work towards a resolution.
There is no rubric when it comes to data breach recovery plans. Each instance is unique to each business. Sit down with your in-house security personnel or consult with an external team to develop the ideal plan of action should you fall victim to ransomware or another malicious incident targeting your sensitive data.
Evaluating Backup Data
If at this point in the scenario you have not prepared a recovery plan or create backups for your sensitive data, chances are you’re feeling uneasy about the future of operations, potential legal action, and your company’s reputation. However, this is only a hypothetical situation and you now have the idea in your head that creating a sound recovery plan in the event of a breach and backing up important files can’t wait until after the fact. Don’t wait until it’s too late to prepare your organization for a breach. Take steps towards preparing a disaster recovery plan and begin backing up your files regularly.
Call In Data Forensics
Now is the time to perform an assessment with your in-house team or enlist data forensics professionals to determine the incident’s root cause, what, if any, data has been extricated from your systems, and if the malicious actor remains inside your system with unlimited access.
Contacting the federal authorities is another option that should be taken into consideration. Some cybersecurity consultants will tell you it’s a waste of time as the three-letter organizations get hundreds of reported ransomware events a day. Others will tell you it is imperative you contact federal authorities in the event you fall victim to ransomware. Alerting the authorities likely won’t have a detrimental effect on your status if you already found yourself the victim of a breach. Their experience and advice could put you on the right course to a speedy resolution.
Ransomware And Cybersecurity Checklist
- Commit an incident response plan to paper and practice it regularly, updating as necessary alongside new threats and security technologies as they emerge.
- Carry out ongoing penetration testing and vulnerability scanning. These are both examples of controlled probing of your own systems for chinks in your hardened systems’ armor.
- Keep your applications and operating systems up to date with the latest patches.
- Train your workforce in the best practices as they apply to cybersecurity. The largest contributor to breaches is human vulnerability.
- Continuously monitor your network integrity. This includes your anti-virus and malware protection software.
- Conduct quarterly or annual data audits and mapping to know where your sensitive data is, how it’s stored, and how best to protect it.
- Audit your external groups and accounts for vulnerabilities. Chances are good that a third-party you conduct business with can present a vulnerability if they are not following the same cybersecurity standards as you.
- Backup your data regularly and test your data recovery plan often. Simulated brute force, phishing, and attack scenarios can keep your teams on their toes and continuously aware of security.
- Understand your liability, the data protection requirements, and necessary compliance regulations in your jurisdiction.
About Encompass Solutions
Encompass Solutions, Inc. is an ERP consulting firm and Epicor Platinum Partner that offers professional services in business consulting, project management, and software implementation. Whether undertaking full-scale implementation, integration, and renovation of existing systems or addressing the emerging challenges in corporate and operational growth, Encompass provides a specialized approach to every client’s needs. As experts in identifying customer requirements and addressing them with the right solutions, we ensure our clients are equipped to match the pace of Industry.