fbpx
Blog

JensenIT Blog

JensenIT has been serving the Illinois area since 1991, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

Your Organization Has Been Infected with Ransomware; Here’s What To Do Right Now

Your Organization Has Been Infected with Ransomware; Here’s What To Do Right Now

We’re hoping that you are actually reading this post to prepare yourself if your business were to face a ransomware attack, but if you are suffering from one right now, we encourage you to reach out to us immediately, whether you are a client or not. Ransomware spreads quickly, and once it has infected a system, there really isn’t much you can do to stop it. However, there are steps you need to take to come back from this gracefully.

Contact Your IT Department

Whoever manages your network needs a phone call, right now. If you can’t reach your IT provider, give JensenIT a call at (847) 803-0044 and we will attempt to assist you.

Take the Network Offline

If multiple systems are impacted, take the network down at the switch level. Unplug the switch and disconnect it from the rest of the network. Your goal is to quickly isolate the issue so it doesn’t continue to spread across your network, including your backup and other devices.

You want to avoid powering down devices unless absolutely necessary. If you shut down hardware, you might lose your opportunity to trace exactly how the attack occurred, as some of this information might only be retrieved from volatile memory that goes away once a device is shut down.

Establish an Off-Network Communication Method

At this point, assume your network is entirely compromised. It might not be, but the safer you are, the more likely it is that you’ll come out of this unscathed. Communicate internally and externally with phones and text if possible, in case a system is compromised and being watched.

Get ready to do a lot of communication, both internally with your staff, and potentially externally with your customers. If you are dealing with an actual data breach and cybercriminals are gaining access to customer information, then you’ll need to know exactly what information has been stolen and follow industry guidelines appropriately.

Take a Photo of the Ransomware Message and Report It

Ransomware is considered a felony, so take a photo of the screen with your smartphone. You’ll want to report the ransomware to the proper authorities.

Do You Have a Backup?

If your business isn’t backing up your data properly, then your situation just got a whole lot worse. If you are reading this proactively, audit your backup and invest in it. If you have a backup solution and haven’t thought about it in over six months, assume you don’t have a backup until it is thoroughly audited and tested.

If you have a backup, and you are confident in it, then you can take a deep breath. The problem isn’t over, but it will pass and things will go back to normal in time.

Get a Professional to Wipe the Infected Systems and Restore Your Data

There are a handful of tasks that your IT provider will want to accomplish. Running additional forensics to determine how the ransomware made it onto the network in the first place can provide some valuable insights. It’s possible that there are other threats lurking on the network. Most businesses that suffer from a ransomware attack face consecutive attacks afterward.

It’s rare, but possible that a ransomware attack can be reversed, but in most cases, just assume that the device needs to be wiped and that the data on it is lost. You shouldn’t be storing critical data on a workstation anyway—everything should be securely stored on your servers which are thoroughly backed up and redundant. 

Use This as a Learning Experience

The best way to combat ransomware is by avoiding it in the first place. Your business should take steps to protect itself from subsequent attacks. If your organization is lucky enough to have not been affected so far, it’s still a good idea to have your network audited to make sure you aren’t taking major risks.

How to Move Away From Evernote (And Some Note-Taki...
Improve Your Chances of Success with IT Consulting
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Thursday, November 14, 2024

Captcha Image

Customer Login


Latest Blog

A compressed file (also known as a zip file) is a handy way to accomplish various tasks, although many people may not know what they are or do. We want to fix that, so we’re going over what a compressed file is and how to make one.

Contact Us

Learn more about what JensenIT can do for your business.

JensenIT
1689 Elk Blvd
Des Plaines, Illinois 60016

Sign up for our Newsletter!

Hey! Before you go, subscribe to our newsletter for IT tech tips and advice!