Skip to main content

What To Do When Ransomware Attacks?


What To Do When Ransomware Attacks picture

What To Do When Ransomware Attacks?

Those old wire fraud criminals or identity thieves has now upgraded to Ransomware Attacks. It must be the seductively high amounts of cash extortion rates that ultimately attracted them.

How does ransomware attack work picture

On the flipside Companies are paddling hard to stay afloat after a ransomware wave. Especially now during this trying times, with the Pandemic and lockdown rules, which heavily adds to their already shrinking profits.

(Here are Seven steps to take after a ransomware attack)

What To Do When Ransomware Attacks?

Before you can even attempt to survive a ransomware attack. You should at least understand the basic characteristics of the malicious software.

In short it's an ecryption based ambush. The malware spreads like a virus, locks a business out from their own computer systems, saved files, customer accounts, documents and entire network. And requires a password or decryption key to restore your access.

It's a method used to greedily demand money, in return for access to your own property.

It can be compared with a kidnapping scenario. Where the kidnappers may require a financial payout, before returning your family member, or else take their life.

In other words a Ransomware is a process where valuable information is being hijacked, through a strong encryption method. And a large sums of payout to the attackers is demanded, in order to release your valuables.

In the particular attack critical information or resources are generally captured. Which is usually central to your day-to-day operations. And without it your business will seize to function.

How Does Ransomware Access Your System?

Your mailbox is the most common medium used to infiltrate your network. It may come as a professional looking email (with an attachment). Where the malicious code is hidden.

  • It can be disguised as a statement, invoice, report or any other legit looking business like email.
  • As soon as the enclosed file or attachment is opened it creates duplicates of itself and spread through your entire network.
  • As the malicious code floods through your computer network it diligently encrypts files.
The Characteristics Of Ransomware Attacks

Users are systematically locked out of their computers, you're unable to utilise your internal systems, intranet and your service stalls.

A message is displayed requesting the payment of for example $3.6 million. Please note: Each amount of ransom amount is uniquely tailored according the criminals expectations.

It could range anything from thousands, to hundred thousands of even millions of dollars, euros, or cryptocurrencies.

What To Do If You Get A Ransomware Attack?

In the case of such an attack, the writing is on the wall. It's a very complicated situation. Since the criminals took control of your entire business systems.

Which may include: Customer credit card details, proprietary data, sensitive documents, company secrets, human resources files, core financial systems, etc.

You may only have a handful of options and each has it own variables:

Let's consider the odds from a realistic perspective. The cybercriminals may require a ransom payouts, within a specific deadlines.

The May Threaten To Either:
  • Completely delete your information or destroy it.
  • Permanently encrypt it in a volt, preventing access for good.
  • Or use their favourite threat: Which is to distribute it publicly across the web, to destroy your credibility and maliciously expose your brand.

What makes it even more horrific is the fact that they already have access to private information. Your privacy already feels violently exposed to strangers.

So What To Do When Ransomware Attacks Under These Circumstances?

You have to start balancing the Odds, because some companies deals with more precious information than others.

Regardless, every piece of data is sensitive and can have dangerous consequences, if it's used with malicious intent.

What Are The Odds To Consider When Dealing With Ransomware?

Paying The Ransom:
The attacks may not honour their part of the deal. Even if they do, they may see you as vulnerable and include you on a list for regular shake-downs.
Don't Pay The Ransom:
Assuming you have backup data and can simply restore your database. However there's the risk of the intruders having access to the captured originals. Which is another an information security risk.
Get experts to assess your risks
Is the best answer in my opinion, because they will clearly balance your odds from a technical perspective. Instead of making hasty decisions that you may later regret.
In Summary:

Each ransomware attack is handled differently. Sometimes the attackers may be chancers.

Who fail the attack due to your cutting-edge security measures. They may even lack of attack resourcesfulnes, knowledge or experience.

In this case paying for the release of your data, may be a poor decision. In other cases it may be well-versed and seasoned attacks, who are lethal in every aspect.

The best way forward in either cases is to consult the experts. Besides you won't really know who you're dealing with.