News & The Industry

To prevent a ransomware attack:

Keep clear inventories of all of your digital assets and their locations, so cyber criminals do not attack a system you are unaware of.

Keep all software up to date, including operating systems and applications.

Back up all information every day, including information on employee devices, so you can restore encrypted data if attacked
.
Back up all information to a secure, offsite location.

Segment your network: Don't place all data on one file share accessed by everyone in the company.

Train staff on cyber security practices, emphasizing not opening attachments or links from unknown sources.

Develop a communication strategy to inform employees if a virus reaches the company network.

Before an attack happens, work with your mangement to determine if your company will plan to pay a ransom or launch an investigation.

Perform a threat analysis to go over the cyber security throughout the lifecycle of a particular device or application.

Perform penetration testing to find any vulnerabilities.

Mitigating an attack

Research if similar malware has been investigated by other IT teams, and if it is possible to decrypt it on your own. About 30 percent of encrypted data can be decrypted without paying a ransom

Remove the infected machines from the network, so the ransomware does not use the machine to spread throughout your network.

Decide whether or not to make an official investigation, or pay the ransom and take it as a lesson learned.