Ransomware Attack? Fear Not, Fight Back! Guide to Recovery
Any organization can take simple steps to contain a ransomware attack, protect confidential data, and minimize downtime to maintain business continuity
For any device that is infected or could become infected, disconnect the Ethernet and turn off Wi-Fi, Bluetooth, and all other network functions
Ideally, you should use a different device, such as a smartphone or camera, to take a picture of the ransom note on the affected device’s screen before proceeding further
After disconnecting the compromised systems, report the attack to your IT security team
Restarting infected devices is not advised when handling ransomware. Hackers are aware that you might automatically do this
The kind of ransomware infecting your devices can be determined with the aid of a number of free tools
Update system credentials first, then use backups to recover data. Three data copies in two formats and one offsite copy are always a good idea
You should always report ransomware attacks to the FBI or law enforcement since they are illegal and constitute extortion
Choosing to pay the ransom can be difficult. Most experts recommend paying only after you’ve exhausted all other options and data loss would be worse