Ransomware is one of the most crippling cyberattacks – catching victims unaware and causing long-term consequences for the companies that become infected. In the moments following an attack, the actions you take can determine how much the attack will cost your company and how widespread the damage is. In this article at Forbes, Mark Weatherford shares tips on how CIOs and CISOs must deal with the ransomware threat effectively.
Immediate Steps to Take After the Attack
Trace the Attack
The most common way of a ransomware attack is through a malicious link or email attachment. If you have failed to patch your entire network, your entire system will end up becoming infected. Therefore, locate the machine that was initially infected and identify if your employees have opened any suspicious emails or noticed any irregular activities on their device.
Take the Unaffected Devices Offline
After tracing the infected device(s), take all other devices that are connected to your network offline to prevent the spread of the ransomware. Remember, if one device on your network is infected with ransomware, the chances are high that it could quickly spread to other devices while putting your entire network at risk.
Assess the Damage
If ransomware attackers steal your secure documents that contain financial or legal information of your organization, you can potentially be prosecuted for subsequent data breach lawsuits from customers. Therefore, prepare a robust risk management plan and ensure to protect any personal information.
Never Pay the Ransom
Many experts suggest that you must never pay the ransom. Choosing to pay ransom doesn’t guarantee that you will get your files back.
“A ransomware attack is a gut-check time for the CIO and CISO, but companies that do the simple things to prepare have a greater chance of surviving,” says Mark.
To read the full article, click on https://www.forbes.com/sites/markweatherford/2020/07/29/cios-tackling-ransomware-attacks-after-garmin/#255fe95e6a22.