Anyone who has ever had to remove ransomware knows that these attacks have only gotten slicker, craftier, and much more common. Research shows that ransomware attacks increased by 435 percent in 2020. They can cost as much as $40 million for a company when all costs are considered. Worst of all, ransomware can prove difficult to remove – doing so can take your files with it. When ransomware strikes, time is of the essence, and you can’t afford to make any mistakes. Here are the first five things you should do when ransomware strikes.
These Should Be Your First 5 Steps When Ransomware Hits
Ransomware is big business. According to the FBI, ransoms can range easily into the hundreds of thousands of dollars. That’s a hefty price tag for sure, but there are steps you can take in the face of this worst-case scenario. Here’s what the first five moves of your strategy to remove ransomware should be.
1. Isolate the Affected System(s)
Many types of ransomware are self-propagating. That means once they’re on a machine, they’ll dig through it to find other machines to infect. If a computer has been hit with ransomware in your office, the best thing you can do is isolate it from the others immediately. Once you’ve documented the message, take it off the network and disconnect it. That will prevent the malware from spreading throughout your office.
2. Confirm the Status of Your Backups
Having solid backups of all your files is the single best way to neutralize the threat of ransomware. Ransomware works because criminals gamble on the fact that many companies don’t have them – they’re often right. Backups can be costly, time-consuming, and unwieldy. Just make sure that you don’t go into your backups until you’ve adequately isolated affected machines. You may even want to consider holding off until you’ve connected with a ransomware remediation expert.
3. Connect with Ransomware Remediation Experts
Some guides will tell you to run your antivirus and anti-malware programs to remove the ransomware next. Only do this if you’re sure you won’t be paying the ransom and you’ve got backups at hand (or can afford to lose them). If you remove the ransomware from a computer can take files with it. It can also ensure that you won’t be able to decrypt what files remain. A better option is to call ransomware remediation experts. They’ll analyze the strain of ransomware you have, then remove the ransomware in a way that doesn’t take your files with it.
4. Get in Touch with Your Cyber Insurance Provider
Reach out to your cyber insurance provider as soon as possible and get a copy of your policy. Most insurance covers first-party damage (damages to your system and business) as well as third-party coverage (damages your customers or partners sustain). It may also cover the costs of data restoration, investigations, customer notification, and any legal ramifications that may arise.
5. Contact Legal Counsel
Having legal counsel on hand in the case of a cybersecurity incident or data breach can save you a major headache. Connect with a professional as soon as possible to discuss your legal obligations for the notification of affected parties or specific regulatory bodies.
We Can Help Prevent & Remove Ransomware
Ransomware is craftier, costlier, and uglier than ever before. When it strikes, it can seem like the end of the world. But it doesn’t have to be. Don’t try to remove ransomware on your own. Contact specialists who can be there in 48 hours or less.
Contact us now to get started scrubbing and securing your system.