Preparing for a ransomware attack requires creating a mini-disaster recovery plan with steps: to avoid an attack in the first place, to minimize the impact of one occurring, and to recover if one does happen.
Avoiding begins with training your computer users to avoid malicious email attachments and infected websites. Regular reminders about how to recognize these are your best defense. Email security software available with Office 365 and other email providers can scan all attachments and help to remove malicious ones.
Make sure your anti-malware software automatically updates and operating systems and software stays up-to-date, including all patches. Individuals also need to be wary of providing information by phone to callers who may impersonate an official with your organization, your IT company, the IRS, or others. Scammers are trying new angles all the time.
Norton™ antivirus recommends that when you are traveling and using public Wi-Fi make sure to turn on a trustworthy Virtual Private Network
(VPN) such as Norton Secure VPN or ExpressVPN.
Minimize the impact of an attack by immediately disconnecting infected systems—whether wired or wireless. Make sure your staff knows to alert you and IT immediately if they suspect an attack. The longer it takes to address the issue, the more it will spread. Backup regularly to minimize data loss.
Recover : Scan all workstations and servers, reformat infected computers, and restore operating systems and data from backups. This
usually involves an IT professional. Check out the website nomoreransom.org . The site lists several known ransomware attacks and their associated decryption keys which may allow you to unlock your data.
Do not pay the ransom ! If you do, you are funding criminal activity and encouraging more attacks. Plus, paying the ransom doesn’t assure you will get access to your data.