Those who have yet to be victims should treat a potential ransomware attack as they would prepare for a server crash. James said, “They need to be thinking about which files matter, and if those are captured, do they have another way to get them.” Keep redundant copies of every file, keep shadow copies, and store that data off the network, safely away from the ransomware.
Criminals are making a lot of money with ransomware attacks because they are playing a game of psychological warfare with their victims. Rather than pay the fee to them, pay in advance to defend at the endpoint, or pay a trusted forensics team to help with recovery. The bad guys know that no one wants to look like a fool, which is why, James said, many people have actually lied about being hit and paid the fee quietly.
Rather than succumb to the psychological coercion, James said, “There needs to be more situational awareness. It’s OK to get hit. It’s OK to talk about it, and it’s OK to have a plan and to not hide it. The alternative is that they are creating a hot spot for ransomware getting worse when criminals realize what else they can make people do whether that means blackmail or causing the company harm.”
Organizations need to remember that paying the ransom doesn’t guarantee they will get their data unlocked, or unlocked with no further impact. They are, after all, dealing with criminals.