What steps should I take if I have been the victim of a ransomware attack?
What should you do if you have been attacked?
The National Cyber Security Center NCSC advises the following steps:
Under certain conditions, a partial or complete restoration of the data is possible even without a data backup. A decryption may work under certain circumstances if:
- the ransomware has not encrypted or deleted shadow copies in Windows
- Snapshots of virtual machines or previous file versions exist in cloud servises
- forensic recovery of deleted files is possible
- the ransomware has flaws in its encryption function or the key for decryption is known.
What can be done to protect oneself against cyberattacks?
This is the question that all companies are asking themselves at the moment.
MOUNT10 therefore launched the Swiss Cyber Defence Initiative in October 2020 with the cooperation of various industry partners such as Swisscom and Microsoft.
Swiss Cyber Defence DNA (SCD-DNA) is a guide for your SME to protect yourself easily and efficiently against cybercrime threats and major financial damage.
The guide is free of charge and solution-neutral.
Measure No. 1 refers to “Current unchangeable data backup / read-only backup”.
Source: https://www.ncsc.admin.ch/ncsc/de/home/infos-fuer/infos-unternehmen/vorfall-was-nun/ransomware.html