Disclaimer: This post may contain affiliate links, meaning we get a small commission if you make a purchase through our links, at no cost to you. For more information, please visit our Disclaimer Page.

Ransomeware attacks are a huge problem. They’ve doubled in frequency over the last two years, and they mainly target small and mid-size business lacking the resources to combat these threats. About half of the 1.4 million attacks occurring between June 2018 and June 2019 happened in the United States.

Ransomware demands quickly get expensive. The average demand is roughly $13,000, and the total cost of ransomware demands for all businesses exceeded $8 billion in 2018.

And here’s one more shocking statistic: Half of the cybersecurity experts in one survey said they don’t believe their companies are equipped to fight a ransomware attack. That’s especially scary because while ransomware attacks are decreasing among the general population, attacks against businesses are on the rise.

That means the average small business is at risk of a potential ransomware disaster.

So what can do you if a ransomware attack hits your business? Let’s take a look.

Read Article: Fix Application Has Been Blocked From Accessing Graphics Hardware

What to Do in the Event of a Ransomware Attack

Ransomware Attack

You’re working at your computer and your system locks up suddenly. Then, a note appears on your screen, maybe in huge letters or as an audio file. It tells you your files have been encrypted and you need to pay to get them back.

First, if your IT and cybersecurity team are not aware of this message, tell them immediately. Then, take the following steps.

1. Shut Off Your Computer & Disconnect From the Internet

This tip may sound obvious, but the panic of an attack can cloud your thinking. Shut down your computer and disconnect it from the network to help stop the spread of the virus.

2. Assess the Type of Ransomware

The two most common ransomware types are screen locking and encrypting. Here’s how you can tell which one you have.

Screen Locking. Screen locking holds your operating system hostage. In this case, criminals are trying to frighten you with a scary-looking message. Restart your computer in safe mode and try to remove the virus with your antivirus program.

Encrypting Ransomware. If you can see your folders and applications but can’t open your files, you may have been infected with encrypting ransomware. Encrypting is far worse than screen locking because it can allow hackers to scramble your files. That makes it hard to determine which files are infected and which aren’t.

If you’re not sure which virus your computer has, Crypto Sheriff may be able to help you identify it and whether there’s a fix. ID Ransomware is another useful program for this.


Assess the Type of Ransomware

3. Determine If There’s a Fix

If you’ve been attacked, you have a few options to try to reverse the damage.

Use a Decryption Tool. Sites such as No More Ransom can help you find a matching decryptor if you already know the virus strain. You can also check this running list of decryption tools.

Use a Deletion Tool. First, go to another computer and download a ransomware deletion tool. Save the software installer file on an empty flash drive, then use this flash drive to run a full scan of the infected computer. At this point, you may be able to identify and remove the infected programs.

4. Don’t Pay Ransom

What happens if you can’t recover your files? The FBI advises businesses to refrain from paying a ransom. It notes that paying a ransom doesn’t guarantee you’ll get the files back, and hackers might attack again if you pay.

The city of Baltimore echoed these reasons when it refused to pay a demand for $76,000 in bitcoin after hackers locked 10,000 city computers. The hack ended up costing Baltimore more than $18 million in lost and delayed revenue and systems restoration. But in the city’s eyes, it was better than paying criminals.

5. File a Police Report

Consider filing a police report as soon as the hack happens. Take a picture of your screen as evidence. Your insurance company might want proof of a police report.

Additionally, the Federal Trade Commission and FBI have sites where you can report a ransomware attack. The FBI website contains all of the information you’ll need to provide, including your name, address, IP address, details of the attack, and email headers.

Protecting Against a Ransomware Attack

Protecting Against a Ransomware Attack

Of course, the best way to minimize the risk of a ransomware attack is to take steps to prevent it in the first place.

Backing up your data is the easiest thing you can do to protect yourself from ransomware. Small Business Trends reports that about 140,000 hard drives fail each week, and 6 of 10 businesses that suffer data loss close within six months.

Don’t be a statistic. Find a cloud-based solution to back up your company’s data. That way, if you’re a victim of ransomware, you can wipe your system and restore the backups. Do not take a shortcut when restoring backups. Wipe your drive and reinstall your operating system before installing the backups. Otherwise, you risk leaving traces of the virus on your machine.

You also need to check to make sure the backups weren’t also infected. Log into your backup service or plug your drive into another machine to check your files. If your backups were also affected, then you’ve lost your data.

Final Word

A ransomware attack is scary. That message on your screen from a nameless, faceless criminal can elicit panic, but stay calm. Try to figure out what type of ransomware has infected your system. Once you know what you’re facing, you’ll be in a position to craft a plan of counterattack.

Even more importantly, make sure you have a systems backup plan in place and implemented. This is an excellent way to protect your data from ransomware attacks. Just remember to wipe your hard drive and reinstall your operating system before restoring your data after an attack.

Following these easy steps can mitigate the chances of a successful ransomware attack on your small business and help you recover if you’re hit with one.

What steps do you take to protect your company from a ransomware attack?