How to survive a Ransomware attack in 3 simple steps

August 29, 2016

3 min read

Dale Shulmistra

Business Continuity Specialist @ Invenio IT
hipaa disaster recovery plan

How to survive a Ransomware attack in 3 simple steps

by Aug 29, 2016Business Continuity

Prepare your staff to survive a Ransomware attack today

We all hear about the basic rules of Ransomware prevention. There’s phishing, keeping your systems up to date, using wireless networking, social engineering and the list goes onHowever, it’s truly remarkable how little guidance is out there on what to do when there has been a breach (seriously, google it, there is nothing about how to survive a ransomware attack). And, as Lance James, a Flashpoint and Consulting Detective as well as one of the world’s leading crimeware experts, said at XChange 2016: “It’s not a matter of if, but when you’re going to get hit.”

That said, it is absolutely imperative that you talk to your staff about a possible attack and train them on how to respond.

For example, Lance James as well as the FBI Cybercrime Squad have found that employees typically feel ashamed when they get infected with ransomware. They are embarrassed that they were duped–and, as a result, they are complying with the demands of cyber criminals without fully considering the implications or following company protocol.

As IT leaders, we need to start training our staff on how to deal with infections and exploits as a precautionary measure. To start you off, here are three simple tips to help you and your organization prepare and ultimately survive a ransomware attack (without paying a penny):

1) Acknowledge the possibility of an attack.

While we absolutely need to take precautionary steps to avoid a breach, your staff needs to know that unfortunately, it may still happen. The truth is, there are new exploits being developed every day and the reality is there is no way to protect against them. In fact, the social engineering today is so advanced, that if a cleverly crafted exploit is targeted to your organization, it’s highly likely that at least one user will click that link. 

When companies start talking about the possibility of an attack, employees feel less ashamed and are less likely to give in to the demands of cybercriminals. Right now, ransoms are primarily about cold, hard (untraceable) cash. And, maybe that won’t break a business. However, criminals are starting to get even smarter, demanding intellectual property, client info as well as financial records, which could have irreversible effects on a business.

2) Communicate the process for a breach.

Make sure you establish a disaster recovery plan that takes into account ransomware and share it with staff. 

For starters, employees should know they are not authorized to communicate or negotiate with the extortionist. In addition, staff should understand there is a business continuity plan in place that safeguards against cyber attacks as well as know the proper procedure for reporting a incident. Make sure the recovery plans are practiced regularly and also updated based on evolving threats.

3) Breathe deeply knowing your business is protected.

While cyber threats are serious and not always preventable, there is a safety net. Investing in a business continuity plan that offers quick and easily accessible backup in the cloud is your ace in your sleeve. For example, solutions like the Datto SIRIS 3, allow for all data and servers to be recovered virtually instantaneously–whenever they are needed. Because of the hybrid cloud technology, entire infrastructures can be spun up in the cloud in as few as six seconds as soon as an incident is identified and reported. This renders the extortionist powerless and allows you to rest a little easier knowing that while you may not be able to prevent all cyber attacks, you do have a backup plan.

Continuing the dialogue on ransomware

The threat presented by ransomware is real and should be taken seriously. How to respond and recover from a ransomware attack is just as important as preparing to prevent them (or at least as many as possible). That said, we will continue to share information that goes into more depth about the realities of ransomware and what to do to prepare and recover from an attack. Stay tuned and stay safe. . .and make sure you have a backup plan in place to ensure your business can survive a Ransomware attack.

Business Continuity Specialist @ Invenio IT