Ransomware targets enterprises can cause great damages. It not only interferes with enterprises’ daily operation, but also damages brands’ reputation.
Based on TeamT5 incident response team’s professional experience, we suggest enterprises can go by 2 levels of measurements. By doing so, you will be able to effectively control the damage and bring business back to normal soon.
Technology Level
Enterprises’ internal team or vendors should take the following measures in order to lower the impacts of ransomware attacks.
- Team should isolate the attack source in order to control damages.
- Team should collect related comprehensive info of the attack / incident. It’ll help the team to investigate the process of the incident and patch the system vulnerabilities.
- Team can hire cybersecurity experts to conduct effective recovery measures. It’ll help enterprises & organizations’ operations back on the right track.
Management Level
Enterprises’ management team (or partners) should take the following measures in order to better respond to invisible impacts (e.g. negative brand image).
- To evaluate and calculate damages brought by the attack / incident.
- To negotiate the ransom. However, some experts advise enterprises & organizations should neither contact the attackers nor pay the ransom.
- To work on public relations in order to lower the negative impact on brand image.
With solid technical background and frontline expertise, TeamT5 provides an in-depth investigation and responses to real-world cyber-attacks. We identify and research the intruder attacks, the impacts and technical causes of the incidents, and recommend solutions or workarounds to assist our clients in recovery and remediation.If you have needs for incident response, please contact us through: https://teamt5.org/en/request-information/