Suddenly your computer system is blocked, your files and folders unreadable. You only have access to one message: a ransom request in exchange for the encryption key that will remove the encryption that has left you paralyzed.
In 2018, ransomwares reached 44% of large companies surveyed for the annual barometer of the Club des Experts de la Sécurité de l’Information et du Numérique. As a result, it now ranks among the top three threats. So, here’s a reminder of what you can do in case of an attack:
1. Do not delete any evidence. Notify the police and your insurer.
2. Disconnect the devices connected to the infected machine. Turn off the computer and cut it off from the internet to prevent the infection from spreading over your network.
3. Don’t pay! You risk losing your money, but also your data if the criminals decide not to keep their word.
4. You can try to conduct your investigation and try a disinfection method. Search the forums, but do not click on any links related to your ransom note.
5. Retrieve back-ups of your files and applications and install them on a healthy machine. Backups on different media are part of the best practices that must be implemented.
6. Rethink your cyberattack prevention policy: system protection, security of internal and remote access to your network, data security and payments, software updates, and prudent digital behavior. Cyber-risk awareness is crucial: ransomwares are viruses that sometimes enter through the back door of an inattentive collaborator’s email or a trapped download….
