Call us directly: 1-787-412-6430

7000 N Plaza Austin, TX 78753 USA View Location

100 Blvd Paseos 1030, PR 00926 USA View Location

Ransomeware Incident Risk Assessment

Ransomware attacks are on the rise and likely to become more painful and frequent as attackers are finding that organizations are not well prepared to defend themselves and are often willing to pay handsomely to end the incident. Ransomware attacks commonly include an attacker using malware software or code that both encrypt data files with strong encryption and replicate and propagate themselves quickly throughout networks to maximize their presence and impact. The attacker will harvest the encryption keys needed to decrypt the data and hold onto them in exchange for ransom. If victims do not pay, they will not be provided the encryption keys required to decrypt and access their data.

Organizations that consider the threat of a ransomware attack to be both likely and materially business impacting should consider a number of issues to limit the impact of these attacks and respond effectively. Here are 5 key considerations when evaluating this threat scenario and response plans:

  1. Managing the Risk: To Pay or Not to Pay?
  2. Negotiation
  3. Is this the beginning or end of the attack?
  4. Are backups good enough and should they be used?
  5. Identify when networks and systems should be segmented and/or disabled

Preparation is key to a successful response for any attack scenario, but especially for a ransomware attack. These attacks and the decisions and actions that an organization is required to take to effectively respond to them go well beyond technical considerations and often fall into the realms of both enterprise and information risk management. Regardless of what decision is made, business leaders need to be aware of the broader considerations associated with this type of attack to ensure they are not targeted by the original or different adversaries in the future.