Posts

I’ve Been Hit by Ransomware… What Now?

In an article titled “Best practices to remediate a ransomware attack” published through Business & Finance, Filip Verloy, Field CTO EMEA of Rubrik says, “As the use of remote working rises, so do potential threats and vulnerabilities, especially within a smaller business which might not have stringent home working security measures in place. People have been forced to adopt new ways of working at an accelerated pace.” Verloy states the importance of protecting your company from cyberattacks that could come as a result of remote working. He advises every company to “create a ‘work from home guide’ for employees, explain which tools are ok, what basic security measures are expected, and who is responsible for implementing them.”

The FBI has estimated that ransomware will be a $1 billion market in 2021. If a company or organization is not prepared, they may feel that paying the ransom is their only option. The recovery process can be very difficult because it is both expensive, and there is no guarantee you’ll get all your files back. Waiting until you fall victim to a cyberattack in order to develop a data recovery plan is not effective and can be detrimental to your business. It is important to decide now on a backup and recovery solution to ensure your data is secure.

Business & Finance published “Best practices to remediate a ransomware attack” to help you develop your ransomware remediation plan just in case an attack occurs.

You Have Been Hit by Ransomware – What Now?

1. Isolate the infected station from the network.

This is done to prevent the infection from spreading to other devices. Disconnect the network cable, WiFi, USB’s, etc. and turn the power off the affected devices to try and contain the damage.

2. Ensure backups have not been compromised.

Be sure backup data is not in read/write mode because it can be manipulated or deleted by the attacker.

3. Identify the infection.

Ask yourself the following questions: What kind of ransomware are you facing? How did it enter your system? Phishing scam? Stolen user credentials?

4. Determine your options.

There are several options available as you try to recover from an attack: pay the ransom, try to remove the malware, and recover from backups. Unfortunately, paying a ransom does not guarantee the recovery of all your data, and may encourage the attacker further because their attack was successful. Trying to remove the malware has become increasingly difficult as ransomware has become more sophisticated and mutates frequently. If you have a robust backup system, you should be able to restore all data from the most recent backup without paying the ransom.

After you have taken these steps, be sure to notify your team, discover which files are corrupted, restore your files, and inform law enforcement, customers, and other authorities. 

How to Prepare

One of the best ways to prepare for a ransomware attack is to make sure your data is backed up in multiple places. Joel Witts with Expert Insights said, “In the event of a ransomware attack, backing up data means you will be able to mitigate the loss of any encrypted files and regain functionality of systems.”

Trinsio offers full-featured, Rubrik-powered data management with global searchability, instant recovery, and data immutability. We also offer local and cloud data replication to be sure your data is secure. With more than 30+ years of experience in cloud, data center colocation, and communications, Trinsio can provide you with a solution you can trust.

Increases in Ransomware since COVID-19

“The coronavirus pandemic has sparked a massive increase in the number of cybercrime complaints flowing into the FBI these days” -Tony Ugortez, Bureau Official, FBI.

Critical Infrastructure Security Agency (CISA) has re-emphasized the need for effective cyber security and cyber resilience planning and testing during these times. At the same time, FBI Bureau officials have stated that IC3, the Bureau’s Internet Crime Complaint Center, is receiving 3,000 to 4,000 complaints per day, far above the typical 1,000 per day prior to the pandemic, according to a deputy assistant director of the FBI’s Cyber Division. “Not all of those are COVID-related,” she said during an Aspen Institute webinar, “but a good number of those are.”

Join us along with the Department of Homeland Security’s CISA to learn how to create, implement, and test an effective cyber strategy. You’ll hear from CISA and learn about their free and confidential cybersecurity assessments. You also hear from Lane Livingston, CTO of Trinsio, on end-to-end data management. and effective ways to protect, manage, and recover your data. The Webinar will be held Wednesday, June 4 2020 at 11:00 AM EST. RSVP will be available soon.

As a result of this rise in ransomware attacks, it is important to be sure your business is protected. Trinsio provides data management solutions, including data backup and recovery, all powered by Rubrik. With more than 30+ years of experience in cloud, data center colocation, and communications, Trinsio can provide customers with custom-tailored solutions covering all aspects of data management. With Rubrik, we provide enterprise-level complete data management to customers of any size. Our solutions address premise, cloud, and long term data storage.

Link to event: https://trins.io/events/webinar-with-cisa-create-implement-and-test-an-effective-cyber-strategy/