AFFECTED BY A RANSOMWARE ATTACK, NOW WHAT?

Apr 13, 2021 | Blogs and whitepapers

In times of increasing digitization and automation, data is the driving force of our society. But with digitization also grows the fear of cybercrime. In the past, all important documentation was kept in safes or could be found scattered across multiple locations. Now however, data is no longer tangible, which causes the fear that it can easily fall prey to cyber or ransomware attacks. And that feeling is justified. Luckily, there is also good news. Companies that make a timely commitment to a proper backup and recovery strategy are perfectly capable of recovering quickly. One thing is certain: choosing the right external partner to support your IT service will help you at that crucial moment. At WESTPOLE, you have come to the right place for exactly that. We’ll even assist you to properly detect those attacks. A ransomware attack is a type of cyber attack in which cybercriminals lock up all or certain company files and demand a ransom. Many companies would rather pay the requested ransom than invest in a proper recovery strategy. But this is obviously not a good long-term solution. The chances are high that the same hacker will attack the company again, if the requested sum was paid the first time. In addition, there is no guarantee that the data and files will be released upon payment. Therefore it is best to turn to WESTPOLE to help you set up a solid backup and recovery strategy.

An increasing problem?

Typically, ransomware enters an organization’s system when an individual user opens an infected file. Users today often have too many rights and access to a lot of corporate data. This gives ransomware a free pass to impact almost the entire business environment. Increased user access may seem convenient for everyday business activities, but it clearly entails risks as well.

Although the number of cyber attacks in general and ransomware attacks in particular are not necessarily increasing, these attacks are becoming more sophisticated and effective. They have adapted a new reality, which is particularly dangerous for companies that are not alert. Fortunately, it is not only cyber attacks that are riding the wave of digitization; our software and data storage solutions are also evolving at a rapid pace, so technology does provide us with the weapons to fight the more sophisticated cybercrimes. In addition, there is now more awareness among companies. In the past, many users and businesses were more likely to fall for a cyber attack or ransomware attack, simply because the phenomenon was still unknown.

Notification of a ransomware attack, now what?

When you receive a notification of a ransomware attack that asks for a ransom, it is often already too late and your data has already been hijacked. Ideally, ransomware should therefore be detected at an earlier stage. Specialized antivirus software can help you with this, although backup software is also becoming smarter: Infected data is considered as new data and this can be an indication of ransomware.

The second step to take after identifying an attack is to try to contain it. Make sure that the files that have been impacted and recovered cannot be reinfected right after. Therefore, the key is to take action as soon as possible to detect the source of the attack. In the third step, the focus will be on recovery and compliance with certain legal obligations. For example, some industries must report an attack according to the GDPR.

Count on WESTPOLE as your reliable partner

Usually, the process between detection by employees and calling in your own IT service is too slow. WESTPOLE ensures that the source investigation proceeds quickly and helps to restore the data immediately. This gives your own IT staff the time and space to provide early notification to internal users and customers about potentially infected files. By working with WESTPOLE who is fully familiar with your backup environment and your company’s IT system, you do not lose any valuable time. By involving WESTPOLE  in your disaster recovery plan as early as possible, you can focus on your company’s core business.

Prevention better than cure?

Limiting the impact in the event of an attack and ensuring good backup solutions go hand in hand. It is therefore appropriate to assume that sooner or later your company will also fall victim to a ransomware attack. These attacks are very damaging because the scale is so large: you have to put out different fires everywhere at the same time. Companies that establish the right processes in advance are less affected. It is a matter of choosing the right crisis management. WESTPOLE has a proven track record and is more than happy to help you with it.

By Govert Lambrechts, Presales Architect ICT at WESTPOLE