recent blog<\/a> about the incorporation of the insidious KillDisk component into the ransomware mix, you could now not only face having your data locked, but actually getting your entire hard drive irreversibly scrambled (short of forensic recovery). If you just have one machine affected, that\u2019s certainly less of an impact than some modern ransomware attacks which lock up data across internal networks.<\/p>\nWhat is your organization\u2019s policy?<\/b><\/h2>\n
Increasingly, organizations are adding ransomware to the disaster recovery (DR) plans that they practice. If you don\u2019t have a DR, you may want to use some of the templates or other boilerplate documents from folks like NIST that give you some general guidelines. Luckily, there are lots of organizations that have already given it some thought and can advise on the practical steps to take in case it happens.<\/p>\n
![\"Data](\"http:\/\/www.welivesecurity.com\/wp-content\/uploads\/2017\/01\/shutterstock_525066271-1.jpg\")
<\/b><\/h2>\nHow good are your backups?<\/b><\/h2>\n
If they are close at hand, offline<\/i>, and easy to restore, you can breathe a sigh of relief; you\u2019ve definitely passed the test. On the other hand, if you\u2019re restoring bulk data across the network from the cloud or a remote site, the network pipe can be a significant factor. At times, it\u2019s easier to send a courier or overnight service to retrieve a box of hard drives. Still, if you have the data in its original form and a fairly recent data set, you\u2019ll be miles ahead of those who haven\u2019t.<\/p>\n
\u201cIf backups are close at hand, offline and easy to restore, you can breathe a sigh of relief.\u201d<\/span><\/p>\nWhat data is really important<\/b>?<\/h2>\n
If you have critical data, it should be far less easy to access, and therefore much less likely to be affected in a ransomware attack than, say, a laptop used by salespeople in the field. This means if you have a laptop that gets compromised, it may be easier to just re-image, restore your data and get on with your life.<\/p>\n
Know how to spot a scam<\/b><\/h2>\n
Many ransomware campaigns use phishing emails as an entry point, and while user training makes it easier to spot these, the emails can be very convincing. For this reason, upstream email gateways, or even on the endpoint (depending on your environment) can spot rogue emails before they get a chance to act.<\/p>\n
As long as it\u2019s profitable, ransomware will continue to flourish. By taking these steps, we all can help reduce the likelihood of a payout, and defund the scammers. As soon as the money stops, they will too.<\/p>\n
Source:
![\"Businessman](\"http:\/\/www.welivesecurity.com\/wp-content\/uploads\/2017\/01\/shutterstock_389577148-1.jpg\")
<\/b><\/h2>\n