Recognizing and responding to ransomware
Responding to Ransomware
Ransomware still ranks as the most significant malware threat facing businesses. It will most frequently originate in phishing emails (emails which appear to be authentic, and which trick the user into clicking a link or opening an attachment. These malicious links or attachments deposit code onto the computer which search out all available data on the computer as well as on the network. The code then encrypts all of this data, locking out users from opening files.
How do you recognize a threat? Dolce Vita works with our clients to provide free training. Never trust any email - the sender might have “spoofed” an authentic user. Never trust any search result - malware actors actually have skilled search engine optimization and marketing professionals who can drive phishing websites to get very search scores.
What do you do?
Take a photo of any warning message if possible - this helps with forensics. And do NOT call or use any of the offered links or phone numbers!
TURN OFF YOUR DEVICE IMMEDIATELY - If you even SUSPECT you might have malware, turn off your device. If it will not shut down normally, hold in the power button until the power goes off. If the device is infected and left running IT WILL CONTINUE TO DESTROY DATA.
Report what happened with the user and device names to your supervisor or to your IT group.
Is anyone else affected?
What next? If the infection is killed quickly, then recovery may be as simple as turning the device on (off the network) and scanning for malware. Or the damage may be more extensive.
The critical nature of business continuity - if you do not have excellent business continuity in place, then recovery from this attack may be painful and extremely expensive. Business continuity begins long before any attack with identification of all data locations, their backup protocols, assessments of maximum permitted downtime for different types of data, and testing of the recovery plans. It also entails appropriate security measures on data repositories and a solid incident response plan which has been rehearsed.
Call Dolce Vita at 405-348-1192 today to get assistance with planning ahead and user training!
