Ransomware – What to Expect When You Least Expect It

What is a ransomware attack? Ransomware attacks can sneak into businesses when a user opens an email with an attachment or document. More aggressive forms of ransomware can be found embedded in websites (even trusted, legitimate websites) where hackers wait to infect visiting users’ machines. This type of attack is known as a watering hole or a drive-by download attack.

Ransomware attacks can cripple businesses and often happen at the most inconvenient times. Once a business is hit with a ransomware attack, a majority, if not all, key business processes can come to a halt until the event is resolved by IT professionals. If the security posture is poor, businesses can struggle to recover from a ransomware attack typically, due to the fact that the necessary precautions leading up to the attack were not taken. Businesses can face the encryption of their workstations, servers and databases housing core business data, including email servers.

Once a network is encrypted, the business ceases to function. This is when the painful lessons begin. Whether you have IT staff members or the IT staff function is outsourced, the worst information to learn is that there are no backups of your data or that the backups are encrypted, as well. In this case, there are limited options for data recovery or the data may be completely unrecoverable. An external incident response team of digital forensic specialists can be called in, but ransomware variants are sophisticated and thorough often leaving businesses with limited options to either: 1) pay the ransom, or 2) rebuild from scratch and lose all business data.

At this point, the only way to usually recover data is to attempt to pay the ransom. Paying the ransom does not guarantee whether or not you will be able to unencrypt your data. By making initial plans now, businesses can begin to strengthen their overall security posture and prepare for a cybersecurity incident, including ransomware.

Continue Reading


DHG Contact

Douglas Jambor, CISSP, ISFCE, CCE | Senior Manager, DHG IT Advisory | itadvisory@dhg.com