If your device shows you a message such as:
“Ooops, your files have been encrypted”; or “Your files will be lost in 24 hours”; or “Send $300 worth of bitcoin”.
That can be a problem since it is a sign that you have probably been infected by a ransomware. Once you are sure that there was an infection, and it is not a phishing scam, for example, it is necessary to evaluate all possible options before making a decision.
Think about the protection of employees, customers, partners and shareholders. Besides that, measure the size of the attack, the importance of the data affected, the time your team must spend to repair the damage and the cost of it all.
We have created a list of 8 tips that you should consider once your business have been attacked by a ransomware.
What to do if you are infected with ransomware
1. Do not pay the ransom, initially.
This is an important decision that requires discussion. The FBI also recommends that the ransom should not be paid, since you have no guarantee that the hackers will release the access key and unlock your files and devices. There are companies that never have received the key and others that had to pay more than they initially agreed to.
2. If you don’t have an IT team, contact a cybersecurity company. They have the resources to give you an overview, and show you the possibilities and the best ways out.
3. Exclude Registry values and files to block the program.
4. Remove and isolate affected devices from your network so that you don’t put other machines at risk. Keep in mind that threats in general spread quickly.
5. Partially affected devices also need to be isolated quickly so that the data that hasn't been locked yet can be recovered, and files infected can be analyzed.
6. Secure your back up, and ensure its system is working and has not been corrupted.
7. Change all the account and network passwords.
8. Contact your local law enforcement, such as the FBI. They can help you a lot. In addition, you are also helping the authorities to find and arrest the criminals, avoiding future frauds.