Ransomware Fire Image

Steps to Follow If Your Business Has Been Hit by Ransomware

Ransomware attacks can be extremely stressful. We understand just how detrimental they can be to your systems and are here to offer advice in remediating the situation, should you find yourself under attack.

If you’ve been hit by ransomware, there are a few key steps you should follow:

  1. Contain and Neutralize

The first step with any sort of ransomware attack is to determine if the attack is still happening and to react as quickly as possible. If you don’t have a solution in place to stop the attack, then you’ll need to isolate where the attack is. Unplug the network cable or turn off the WiFi for the network segments that are affected and consider shutting down devices if you’re unable to do so.

At this point you should inform your teams of what has happened (do so offline in the event your communication is at risk) and assess the damage. Figure out what systems have been affected and if there is any loss. You’ll want to get your IT team working immediately to get a comprehensive understanding of what has been breached.

  1. Investigate

With your systems neutralized, it’s time to do a deep dive to see what exactly happened so you can not only understand how your business has been comprised and to also put a solution in place to reduce the risk of this happening again. Somethings you’ll want to know:

  • How long were your systems under attack?
  • What method was used to breach your network?
  • How many accounts were compromised?
  • Were backdoors installed in your network?
  • Are your backups up to date and uncompromised?
  • What data was exfiltrated?
  • Was your security disabled?

  1. Enhance Your Security

With ransomware attacks constantly evolving, it’s important to have a solution in place that is up to date and proactively protecting your system. There is no one size fits all solution when it comes to security. You want a solution that is in-depth and covers your unique business needs. Consider a cloud-based solution with multi-factor authentication and role-based administration. It is critical to always have updated backups as well.

If this seems overwhelming, know that the NSA Touch is here to help. We have over 35 years experience helping businesses just like yours stay protected from today’s latest ransomware threats. If you’re ready to put a solution in place to protect your business, don’t hesitate to contact us today.

Search for Solutions, Webinars, Nuggets and Other Helpful Resources