Unfortunately, sometimes all of your defenses fail. Here are the steps to recover from a ransomware attack.
In This Section
What Do You Do When the Worst Happens?
Your Initial Response
Minute zero. All of the defenses against ransomware have failed and the security team watches as machine after machine gets encrypted. It’s time to act to limit the damage. Learn what organizations should do when they find themselves in the middle of a ransomware attack.
Getting Everyone in and Putting Together Your Plans
Implementing Your Disaster Recovery and Incident Response Plans
After you create your incident response and disaster recovery plans, it’s now time to put those plans into action. Here are the steps organizations should take after the ransomware attack has stopped and the long, slow road to recovery has started.
Ignoring Outside Pressure While You Implement Your Plans
Communicate, Communicate, Communicate
Prepare Everyone for a Long Slog
When You Need Outside Help
Sometimes a ransomware attack is even worse than the worst-case scenario an organization planned for and you need help. Learn how to get outside help, what’s expected when outside help shows up, and what happens next.
Everything has gone wrong, and outside help isn’t able to assist or the data stolen by the ransomware group could bankrupt the organization if it’s released. Even though everyone will say not to, sometimes a ransom has to be paid. Determine when that needs to be done and what the repercussions are for doing so.