- By Jesus Zarzosa
- In Data Security
- Tags Antivirus, Business Continuity, Cloud Backup, Disaster Recovery, Malware, Network Security, Patch Management, Ransomware, Risk Mitigation, Security
A significant increase in ransomware infections over the past few years has left many organizations, large and small, scrambling for solutions. Ransomware is a problem where an ounce of prevention is worth a pound of cure, but the steps necessary to remove an infection are not always as complex as they may seem. With proper preparation and management, along with appropriate backup and disaster recovery procedures in place, an IT department should be able to clean its network and redeploy its data fairly quickly.
Step 1: Remove the Infection
Sounds easy enough, and with the right tools in place it should be. Any enterprise-grade or advanced antivirus program should be capable of detecting and removing a ransomware infection. If the infection persists after removal, disconnect the local network from any external connectivity (i.e., your internet gateway/router) and re-run a full scan on all systems. If the infection still cannot be detected and removed, you will need to identify the ransomware by looking up its characteristics: its behavior and any warnings or messages it displays. Once it has been identified, you will need to locate a tool that is specifically designed to extract and remove the infection.
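One way to gather those identifying characteristics from an affected share before looking them up, as an added example that is not part of the original article. The function names, thresholds, and the `.lockedsample` extension are hypothetical, and the sample folder is constructed for the demonstration.

```python
import hashlib
import math
import os
import tempfile
from collections import Counter, defaultdict

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; encrypted (and compressed) data sits close to 8.0."""
    total = len(data)
    if total == 0:
        return 0.0
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def collect_indicators(root, min_dirs=3, threshold=7.5, sample=65536):
    """Return the traits to look up: note-like files repeated across folders,
    and the extensions carried by high-entropy files (most common first)."""
    copies = defaultdict(set)   # (file name, sha256) -> folders holding that copy
    extensions = Counter()
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            try:
                with open(os.path.join(dirpath, name), "rb") as fh:
                    head = fh.read(sample)
            except OSError:
                continue        # locked or unreadable: skip and keep scanning
            if len(head) < sample:   # whole file was read, so the hash covers it
                copies[(name, hashlib.sha256(head).hexdigest())].add(dirpath)
            if len(head) >= 1024 and shannon_entropy(head) >= threshold:
                extensions[os.path.splitext(name)[1].lower()] += 1
    notes = sorted({n for (n, _h), dirs in copies.items() if len(dirs) >= min_dirs})
    return {"note_candidates": notes, "suspect_extensions": extensions.most_common(5)}

def build_constructed_sample(root):
    """Constructed test data: three folders, each with the same note file,
    one plain-text file, and one file of pseudo-random bytes."""
    noise = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
    for folder in ("finance", "hr", "sales"):
        os.makedirs(os.path.join(root, folder))
        for name, body in (("NOTE_CONSTRUCTED.txt", b"constructed note text\n"),
                           (folder + "_plan.txt", folder.encode() * 400),
                           (folder + "_q3.xlsx.lockedsample", noise + folder.encode())):
            with open(os.path.join(root, folder, name), "wb") as fh:
                fh.write(body)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_constructed_sample(tmp)
        print(collect_indicators(tmp))
```

Legitimately compressed formats (archives, images, Office documents) are also high-entropy, so familiar extensions will appear in the list; the unfamiliar extension and the repeated note file are the values to look up. Run it against a read-only mount or a copy of the affected share.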
Step 2: Recover Your Data
After the ransomware infection has been fully removed from the network, you are ready to move on to step 2 and recover your data. If you have maintained appropriate (and frequent) backups of your data, such as through a managed cloud backup solution, you should be able to replace the encrypted data with the clean backup data with minimal effort. For this reason alone, it is critical for organizations of all sizes to maintain active and frequent backups of their data.
If your backups are not available, or you don’t have a backup system in place at all, the only option is to try to decrypt your data. The keyword here is try. Look for tools that are specifically designed to decrypt data encrypted by the ransomware you identified, but prepare yourself for disappointment. In a very high percentage of cases, the tools are not able to reliably decrypt the affected data.
Step 3: Seal Up the Holes
The best offense against the threat of ransomware is a good defense. While it is one of the most prevalent email security threats today, the risk can be well mitigated using a few easy but important steps:
– Install reputable, enterprise-grade endpoint security / antivirus software (no, not the free stuff)
– Keep Windows and third-party software up to date
– Train employees about the threat of ransomware and how to avoid suspicious files and email attachments
– Most importantly, create a solid and secure backup system (preferably backing up to more than one location)
A ransomware infection on your network is always distressing and poses a significant threat to the lifeblood of your business: your data. Fortunately, with the right planning it doesn’t have to be. For more information about how Zeus Technology Solutions can help your company conquer ransomware and create a secure, reliable cloud backup solution, email us at email@example.com or call (888) 315-9387.