When, Not If
Ransomware attacks are crippling US businesses, from hospitals to pipelines. The FBI advises against paying, but the pressure is immense when data is encrypted and operations halt.
Prevention
- Immutable Backups: Backups stored offline or on write-once media cannot be encrypted by attackers.
- Multi-Factor Authentication (MFA): Especially on admin accounts and VPN access.
- Security Awareness Training: Phishing is the #1 vector. Employees need to be the first line of defense.
Response
- Isolate: Disconnect infected systems from the network immediately.
- Report: Contact law enforcement (FBI field office, CISA).
- Restore: Recover from backups. Only pay the ransom as a very last resort, and be aware it doesn’t guarantee data return.
