The paper is a practical and short guide about urgent actions to take when your organisation is victim of a ransomware attack. The response starts with assessing the extent of the attack. Once you know what data were on the encrypted machines and have been exfiltrated, you can build your response.
Some other interesting points include:
- Don’t turn off the infected devices or shut down the systems, but isolate them as much as possible. Having a running system might help when conducting detailed (forensic) analysis.
- Assume that your business communication tools have been compromised, so communicate about your response through a separate and secure channel.
- Set-up a crisis management team.
The security task force members unanimously expressed their wish that this paper highlight the need to take action now, before an attack happens. So, define your crisis team and cyber incident response plan beforehand, including the steps. Maybe even contract with a cyber incident response firm.
Also set up your communication plan: it is nearly impossible to do this once the cyber security incident has occurred.
You may also like:
Plans are useless, but planning is indispensable – cyber security
Cyber attacks have increased dramatically over the past year. Almost every week, we read about organisations becoming the victims of hackers. Sometimes, the impacted activities are only unavailable for a short while, but in other cases,...
Beltug Paper: ‘Cyber insurance – Let’s talk sense and non-sense’
Criminals have moved their battleground to the digital world. There are new attacks on a daily basis, resulting in operational costs and reputational damage. But besides protecting your infrastructure, can and should your company purchase professional...
Peer practices: Cyber incident response plan to manage cyber threats
“There are only two types of companies: those that have been hacked, and those that will be”, starts the well-known quote by Robert Mueller. He continued, however: “Even that is merging into one category: those that...