Ransomware: If you became victim of a ransomware

Even if you effectively maintain preventive measures, you still could become a ransomware victim some-day in the future. Here are some important points you must keep in mind in case of such an unfortunate event.

First of all, don’t pay the ransom. As hard as it may seem but don’t pay the ransom! Paying the ransom doesn’t guarantee that you’ll get a decryption key nor that you’re data will not be sold off. You may get the key, but that means you got a good reputation as a “ransom payer” on the black market. You will become target again. Furthermore, several governments and laws consider ransom payment as a criminal offence in order to stop this criminal “business model”.

Secondly, if back-ups are available, make sure that they have not been impacted by the cyber crimi-nals. If back-ups aren’t available anymore, don’t delete the data as decryption keys are frequently found afterwards .

Lastly, inform the stakeholders that you have been hit by a ransomware. A Ransomware compromise is a painful affaire, but also an opportunity to learn. It will motivate other organizations to think again about the security measures, thereby improving their security posture, and furthermore impede the ransomware business. Certain regulations (PCI DSS, GDPR,…) even require the impacted organiza-tion to notify stakeholders, such as the regulatory bodies, of security incidents.

Through this blog series, the evolution of ransomware throughout the past and the upcoming years, preventive measures and responses were explained. Many of these measures detailed in the second article, can serve as a guideline if one would not know where to start.

If you need any assistance or have any questions regarding ransomware within your company, don’t hesitate to contact us.