Ransomware is becoming common. We are getting a lot of calls for help with incident response. Here’s a couple of things to think about, in general, around ransomware attacks.
1. Backups are your first line of recovery – just think about making sure they aren’t infected as well, so that you don’t restore infected files
2. Paying the ransom can be hairy – in some cases, paying the ransom could be a crime (think money laundering, banking regulations and the Patriot Act…), plus having a process to pay in bitcoin, even if you wanted to – in the time provided – is often a challenge
3. Some ransomware is recoverable – so check for options
4. Measure business impact – is re-creation of the data viable at a cost less than the cost of paying the ransom, including the work of paying the ransom – sometimes yes…
5. Can you identify the failed controls that let you get infected? – If so, fix them, if possible.
These are a good place to start. Think about ransomware, your incident response process and current capabilities. Check your backups and have multiple sources. Be prepared instead of panicked.
New Blog Post: Ready for Ransomware? https://t.co/LT9BsDVrag
Ready for Ransomware? – Ransomware is becoming common. We are getting a lot of calls for help with incident res… https://t.co/EXRGYFgPMB
Ready for Ransomware? | MSI :: State of Security https://t.co/PTHrjpfKsb
Here’s 5 Things to Think About with Ransomware Popping Up More Often. #ransomware #infosec #hacking #security https://t.co/F2wvY7QrJq
Ready for Ransomware? #infosec #cybersecurity #proactive #preventative #bestpractice https://t.co/OlGjQWgF85