What to do if Your Business is Victimized by Ransomware

By | 2018-03-13T06:50:05+00:00 March 12th, 2018|IT Services|

Your computer is acting funny. You can’t access certain files. Then, you receive a pop-up message. You read the message only to learn that your data has been encrypted and you no longer have access to it – UNLESS you send a large wad of cash to the hijacker in unmarked bit-bills.

Unfortunately, bitcoin payments don’t arrive with dye packs that blow up on delivery. So, how do you get access to your data? What do you do when your business has been attacked by a hacker with ill intent?

Step One: Don’t panic.

First and foremost, remove the infected computer from your network.

Before complying with any demands, you may wish to verify the existence of malware. Hackers have been known to create threats that aren’t really there, all for the express purpose of extorting money from you. The hope is that you never actually check to verify that a threat really exists. Hackers rely on you to panic and pay the fee without thinking. So, take a deep breath and…

Step Two: Run an anti-malware scanner to check for an infection.

Reboot your computer and run it in safe mode. This will enable you to run your anti-malware software. If the ransomware is fairly innocuous, your anti-malware software will be able to remove it. Once you know that’s the case, there’s no harm and no reason to pay the hacker. Then, your next step is to…

Step Three: Develop a prevention strategy so that you won’t have to go through this again.

Call the IT experts at Beacon and we’ll check your network for other vulnerabilities. We’ll copy your hard drive, desk top files and applications and install a backup system that protects you from future malware attacks.

If you’re unable to remove the insurgent threat, you should attempt to….

Step Four: Identify the ransomware.

If the anti-malware application will not remove the threat, your next step is to identify the ransomware. You can do this through ID Ransomware. Upload the ransom note, forward a file that cannot be opened or simply input an email address from your network. This free website can often identify the ransomware that has encrypted your data.

If ID Ransomware fails to identify the ransomware type, there are decryption tools that may be able to help you unlock your files. There are decrypters available to combat ransomware such as Locky, HydraCrypt, CryptoLocker, and Petya. You’ll be taking a shot in the dark so to speak, but if you hit on the right one, you’ll be able to unlock your files.

If not, we suggest that you…

Step Five: Go Back to Step Three and Call Beacon

By now, you may have decided to pay the ransom. While we don’t recommend doing so, only you know what this ordeal is costing you in lost revenue and/or reputation. If circumstances dictate it, one cannot be blamed for protecting one’s customers by paying the ransom. However, the IT team at Beacon can put the kind of prevention plan in place that best fits your need and budget, protects you and your customers and prevents the same kind of mishap from every happening again.

Get a free assessment of your network. Contact me directly or speak with a member of our IT team at 336-447-3379. We’ll make sure you’ve got the necessary system in place to protect you from ransomware threats so that you can focus on your core business.

About the Author:

Kevin Lackey
Kevin joined Beacon as an Account Executive in August 2016. He graduated from the University of North Carolina at Greensboro with a B.S. in Business Administration. Kevin has 15 years of sales experience, most recently as a Strategic Education Account Manager at Best Buy for Business.