Subscribe to the Zog Blog to get news Delivered straight to Your box!


When Ransomware Strikes, What Are Your Options?

It’s terrifying to think of one wrong click leading to everything going offline. All of your files locked up. All of your computers inoperable. None of your staff being able to work.

No matter your industry, when ransomware hits, everyone pays. And if you’re in healthcare, that might mean HIPAA fines, but also patients not getting adequate treatment.

I’m sure that anyone if given the choice of paying the ransom and getting all of their data restored would seize the opportunity to pay it and forget about it.

But the problem is it isn’t always that simple.

What are your options when it comes to dealing with ransomware?

Pay the ransom? Historically when businesses simply pay the ransom, they’re hoping for the best. Most folks that do pay ransoms have no clue whether the criminals holding their data hostage will ever actually release their data—they are making deals with criminals after all.

And even if they end up giving you your data back, they may end up attacking you a second time. Knowing that you will pay the ransom shows them that you are a good target. They may—in fact, hit you a second time.

On top of marking you for a second (or even third) ransomware attack, paying the ransom directly funds illicit operations which target businesses and governments.

Not pay the ransom? A lot of folks will not pay a ransom either because they have objection to rewarding criminals for stealing from them. Others—especially healthcare facilities—may object not only from a moral stand point, but also because doing so will lead to a data breach (note: when your data is encrypted by ransomware, it has not necessarily been breached—since no one has actually viewed any of the data).

In the event the criminal goes through and decrypts your data, your data will have been exposed during the decryption process to those criminals.

If you do not pay the ransom, you may never be able to access those encrypted files. While someone very well may figure out how to crack the encryption code, you won’t likely have an easy solution to get you back up and running any time soon.

Restore everything from backups? This option demonstrates that your organization has put serious thought into a disaster recovery plan. Any businesses should be able to restore from backups, but most are never able to because they (1) never planned on how to restore from backups, (2) never addressed everything that needs to be backed up to adequately restore from backups, or (3) never tested their faulty backups.

Backup recovery could just possibly be the breaking point for your organization if they are not complete or if your IT Support team doesn’t understand how to completely recover your systems (hint: it’s much more than actually having your data files and documents. Think network configurations too!). If you’re not sure whether your backups are sufficient to prevent devastation from a ransomware attack, consider a network security assessment.

Rebuild from scratch? If you can’t pay the ransom and have no adequate backups, your last resort may be to rebuild from scratch. That means rebuilding EVERYTHING that once was on your network from scratch.

How many hours has your IT support put into getting your network to where it is? You’re probably facing some BIG capital expenses to just get back to where you were (and if you’re not using the right people to help build out your network, you may end up in the same predicament as before—attacked without an adequate backup!).

No more ‘what ifs’. What are the steps you desperately need to save your business’ network from ransomware?

Patch!—if you’re like most businesses, you likely have a whole bunch of software installed across your network. Software inherently comes with vulnerabilities. And ones developers identify vulnerabilities, they end up creating patches to ensure that bad guys don’t exploit them.

The problem? Many IT Support teams fail to patch networks as diligently as required to ensure that cybercriminals are not exploiting those vulnerabilities and attacking your network with ransomware viruses.

Inform!—Even though you may have some pretty smart people on your team, chances are they aren’t reading about or thinking about ways criminals are exploiting their good nature into letting them onto your network.

One of the biggest ways IT Support teams can help is by keeping them in the know. With more sophisticated cyberattacks—phishing schemes and social engineering—criminals are making it easy for users to be duped. Without reminders, your team may unsuspectingly initiated a cyberattack on your network.

Block the bad stuff!—While the majority of attacks nowadays are specifically targeting software vulnerabilities (with known fixes) or through deceptive phishing attacks on users, many of the attacks could have been nipped in the bud simply by blocking malicious-looking traffic from landing on your network.

By having smart firewall technologies that are trained to learn what bad traffic looks like, you have a better control on where people are coming from when they ping your network. More often than not, if a bad guy had to choose between a network that was well-protected with a properly configured and maintained firewall to one that was either mis-configured or easily averted, in all likelihood they would veer towards the easier targets.

Get a second opinion!—One of the most painless ways to make sure you’re doing enough to keep your network secure is to get a second opinion. Cyber security experts actually recommend getting a network security assessment if you have any suspicions or gut feelings that your network may not be protected as it should.

Concerned that you may be the next victim to ransomware? Contact Us TODAY for a free network security assessment!

Scroll to Top