Ransomware 101 – Part 1: Preparation

This is part one of a three-part series on how to protect your organization from a ransomware attack. Part one focuses on how to prepare your organization, part two on how to prevent it, and part three provides insight on how to recover from a ransomware attack.

Ransomware is a malicious software that infiltrates a computer, server or mobile device and hijacks the stored information. An organization usually needs to pay a ransom in order to get their data back.

ransomware1

How to Prepare for a Ransomware Attack

Ransomware pirates are always looking for new vulnerabilities to compromise your IT systems. It is important to use IT best practices to prepare for a cyberattack. There are two primary steps your company can take to prepare for this threat.

Step 1: Back up your data daily!

This by far the most important steps you can take to prepare your organization for a ransomware or any other type of cyberattack. A couple of must-dos:

  • Back up data daily to contain the amount of potential information loss.
  • Run automatic backups to avoid human errors.
  • Require employees to store business critical files and data on company servers that are backed up.
  • Test backup and restore procedures regularly.
  • Maintain offline copies of our backup data.

 Backing up your data is the single most important thing you can do. In fact, this is the only way you will likely recover your data unless you pay the ransom.

Step 2: Develop a Response Plan and keep it handy.

In the event of a ransomware attack, you will not have much time to respond to the extortionist’s demands. Emotions will be running high, and everyone will be scrambling. Your response plan will help reduce the chaos and should include the following:

Download our Ransomware Guide Sheet

  • Who to call during a cyberattack
  • How to communicate with employees, and if necessary, customers and media.
  • Inventory of critical data assets and where they
  • Location of back-ups and all other storage locations, e.g. cloud and external hard drives.
  • Analysis of the impact of losing data that was not backed up.
  • Response plans based on different scenarios, e.g. type of cyberattack, data affected, ransom demands.
  • Go/no-go decision analysis worksheet for paying the ransom.
  • Step-by-step ransomware removal protocol.

No business relishes the idea of a ransomware attack, however preparing for the worst-case scenarios can significantly reduce the time and cost to address an attack.

If you are prepared for a ransomware attack, it doesn’t have to be anything more than a rough day at the office. 

If you have a small organization with limited resources, consider outsourcing part or all of your IT needs to a local, professional Managed Services Provider (MSP) like Superior Endeavors Inc. SEI has multiple options for data backup and disaster recovery that are automatic and secure.  We will consult with you on cybersecurity while continually updating and monitoring your IT systems 24/7/365.

Read part two of our three-part blog series Ransomware 101 Part 2: Prevention

Download our Ransomware Guide Sheet

Find more blog articles, white papers, eBooks and success stories on our free IT Knowledge Center