The US Cybersecurity and Infrastructure Security Agency (CISA) has released a fact sheet offering tips to help organizations prevent and respond to ransomware attacks, and so avoid financial loss and the loss of customer trust.
The foremost tip is to avoid paying a ransom under all circumstances, as payment not only encourages crime but also doesn’t guarantee the return of the decryption key.
Second, organizations should take adequate proactive measures well in advance to guard against falling victim to ransomware attacks. These measures include taking encrypted backups of data from time to time, maintaining them offline and online, having a business continuity plan, keeping software updated with the latest fixes, and configuring devices on a regular basis.
Organizations that house sensitive information should maintain an inventory of their data and ensure that it is well encrypted and backed by regular security audits. A data breach response and notification procedure should also be followed, along with an incident response and communication plan in case anything untoward occurs.
If ransomware strikes an organization, the business should take measures to secure the network and stop any additional loss of data to hackers.
CISA recommends that victims take a system image and memory captures of the affected devices, inform law enforcement such as the FBI about the incident, and notify their customers that their data has been exposed and might be misused.
Finally, the ransomware fact sheet released by CISA concludes with some general information on ransomware incidents and response.