What To Do When Ransomware Strikes?

I‘m always on the lookout for articles with the potential to positively change a business. What’s your take on the following points I came across recently?

Cyber criminals are not just targeting entire organisations but also every individual that works for, or conducts business with it. In August this year, thousands of Australians were targeted by a ransomware email scam purporting to be from energy company AGL, sending a fake bill and prompting the recipient to click and download a copy. This is concerning because once hackers gain access into IT systems, massive amounts of data can be encrypted and then extorted for a premium price from companies.

Ransomware strikes when you least expect it

The thing about ransomware is that it can strike at any time and when it does, organisations have little time to act. To add to the pressure, payments for some variants increase each passing day. Hence, without a well-defined plan in place, organisations will not be able to block and recover from attacks quickly enough. This article provides some areas for consideration should an organisation come under attack.

Understanding the basics

The first thing organisations need to know when they come under attack by ransomware, is the type of malware they have been hit with and how it works. Some variants can be decrypted without paying the ransom or obtaining a key from the attacker. Others are extremely well-built and offer no recovery path other than paying the ransomware fee for the key. Finding the key or its hash somewhere in the company’s system is ultra-time sensitive, so IT teams need to have the malware analysed quickly to decide how best to respond.

I’d be really interested to know your opinion. Check out the full article here https://www.cso.com.au/article/609870/what-do-when-ransomware-strikes/ and then I’d be happy to discuss with you by phone (1300) 136 410 or email [email protected].

Thanks,

Matthew