Ransomware Attack? Fear Not, Fight Back! Guide to Recovery

Any organization can take simple steps to contain a ransomware attack, protect confidential data, and minimize downtime to maintain business continuity

For any device that is infected or could become infected, disconnect the Ethernet and turn off Wi-Fi, Bluetooth, and all other network functions

Ideally, you should use a different device, such as a smartphone or camera, to take a picture of the ransom note on the affected device’s screen before proceeding further

After disconnecting the compromised systems, report the attack to your IT security team

Restarting infected devices is not advised when handling ransomware. Hackers are aware that you might automatically do this

The kind of ransomware infecting your devices can be determined with the aid of a number of free tools

Update system credentials first, then use backups to recover data. Three data copies in two formats and one offsite copy are always a good idea

You should always report ransomware attacks to the FBI or law enforcement since they are illegal and constitute extortion

Choosing to pay the ransom can be difficult. Most experts recommend paying only after you’ve exhausted all other options and data loss would be worse