Ransomware. The word alone makes me break out in a cold sweat. Thievery is the worst, but holding someone hostage to steal from them is the ultimate insult. If you’ve ever been the victim of a ransomware attack, you can probably identify with the cold sweats and the level of anger and frustration the insult produces in us. As a security professional, there aren’t too many things that cause the same amount of anxiety as a ransomware attack. As with all things in life, “it’ll never happen to me” is our usual thought… but when it does happen — whew! it hurts and makes us really angry!
Well, if you ever find yourself in this position, the very first thing I recommend is walk into your office, close the door, sit down and take a deep breath. Let it out slowly and then take a second deep breath. Now, one more deep breath to make sure you have managed to control something, because it’s about to get crazy and you have to have a cool head in a really bad situation.
In a perfect world, you already have planned and practiced this scenario and know where the documentation is that is going to guide you through this trauma. Oh shoot! This is the real world and all that documentation got encrypted by this ugliness, too. Okay, take that breath again and let’s figure out how to approach this injustice.
How many systems are we talking about that are infected? Don’t turn the computers off, but do get them isolated and offline. Now, let’s move through our plan we put in place because you have the printed checklist filed and ready to be executed.
If you don’t have that plan, let us help you develop it. You can start by downloading our free Centriworks step-by-step guide that will help you work through the process to recover from a ransomware attack. Use the form below to access the free download.
— Todd Sheppard /// Centriworks Chief Information Officer