Mar 16, 2016

How should businesses respond to ransomware demands?

If a business gets hit by ransomware, what is the proper way to handle it? Should we approach it the way the US approaches terrorists' ransom demands (no deal) or take the European approach (let's talk)?

First of all, you should not let hackers sabotage you after taking your data hostage. How could you do that? Make sure you have extra copies of your business data and keep them on external hard drives or similar solutions. Also, you should install a reliable anti-spyware program and keep it up to date. Finally, stay away from malicious emails that have been actively used for spreading ransomware. To spot a malicious email message, you should check the sender. If you don't know him/her, you should ignore the email message or, if you are still curious about it, contact the sender and ask about the email. Secondly, make sure you read the email body carefully and look for grammar/spelling mistakes. Finally, check the attachment before downloading it to your computer.

"The Institute for Critical Infrastructure Technology recently released a report that in part describes how to deal with criminals when they are holding your data hostage. The report talks of what to do once a breach has been found.

ICIT says the proper response will depend on the risk tolerance of the organization, the potential impact of the hostage data, the impact on business continuity, whether a redundant system is available, and regulatory requirements."

Depends on the amount of valuable data that's at stake. If you have proper backups and protection set in place, you shouldn't have to think about it. On the other hand, if your money-making data is affected with no other way to retrieve it, you have to weigh paying a few hundred bucks to get it back vs. losing valuable or irreplaceable info. Regardless, you should think of disaster recovery plans as well as proper protection, to avoid those types of situations.
