So far in this series we've talked about how to protect yourself from getting (or spreading) ransomware and other malware through the various threat vectors. Now we are going to take a look at what to do if ransomware gets through your multiple layers of security and actually infects your network.
First, let's talk about what you don't want to do, which is pay the ransom. Several things may happen when you capitulate to the criminals:
- They might not release your data. There's no guarantee that you will be able to decrypt your data just because you've paid the ransom.
- You could be targeted in future attacks, and the ransom amounts will be higher. Criminals now know you are willing to pay, and they will punish you for not ‘learning your lesson' the first time.
- You contribute to the success of the criminals, and encourage them to continue spreading ransomware.
So if you don't want to pay the ransom, what should you do?