Welcome to #WeekendWisdom number 78. This week we’re going to talk about Dealing with Ransomware.
My favourite subject – NOT!
I touched on this back in #WeekendWisdom number 043, but just this week I’ve seen some posts from IT people and I was also on a webinar this week where there was an IT person that claimed they have cybersecurity skills and they all implied that if you get hit with ransomware that if you just paid the ransom you will be back in business. If you hear somebody say that to you, do not believe them because it is completely false! It is totally wrong! They are lying to you!
What is the reality in dealing with Ransomware?
First of all if you do manage to pay the ransom and get your data back, it will take a long time to recover your data, to decrypt all that stuff that’s been encrypted.
But you might not get your data back at all after paying it. They might not give you the key.
Even if you do get your data back some of it may be corrupted. Particularly if you have large databases.
But even still, if you get the data back, you still have to go through an exercise of sanitizing your complete infrastructure to make sure you remove all traces of the ransomware and any other infections they may have left behind. Any kind of back doors.
A lot of time and effort will be required to recover from a ransomware incident.
What should you do?
So if some IT service person says to you “Ah yeah. Pay the ransom. You’ll be grand” They’re lying. Walk away from them. They haven’t a clue what they’re talking about.
What you really need to have in place folks, is have a good backup strategy which is tested. Also have in place incident handling procedures, which you again need to test. Having them in place will help you recover from such an incident much more quickly and easily.
So that’s it for this week. Lets be careful out there and we’ll talk to you again next week.
How can L2 Cyber Security help you?
We offer a full range of training programmes, which can be delivered online or in-person*.
L2 Cyber Security are also a partner of CyberRiskAware for online self-directed Cyber Security Awareness training and Phishing testing.
Contact us for more information at info@L2CyberSecurity.com.
*With appropriate social distancing and other health and safety measures adhered to.