Being in the midst of a ransomware attack is terrifying, especially when you’re working for a healthcare facility. Your computers are locked out, only showing a message demanding you to pay the hacker in Bitcoin, and all of your confidential financial and patient information hangs in the balance. To add even more stress, all of this is happening while you have patients who need medical attention waiting.

Most hospitals and healthcare businesses panic and immediately pay the ransom as soon as they can. While it seems like your only option, it’s actually one of the worst things you can do.

Think about it: paying the hacker does not guarantee that you’ll get your files back at all. You’re really going to trust the person who put your entire business in critical danger in the first place? If you pay, your business will now be known by hackers are a target that pays the ransom, and the money you give the hacker goes into the cybercrime industry to make hackers even more proficient.

Like most things in life, the best defense is prevention and being prepared. There are also some measures you can take in the middle of an attack to avoid paying the ransom.

Always be Prepared

Two of the most important things that will prepare you for any ransomware attack are file backups and data encryption.

Having copies of all of your files stored away in a separate server means that if a hacker locks down your network and holds your files hostage, you can just fall back on those copies. This is more of a reactionary measure than a preventative strategy, but it’d definitely something you want to have set up as soon as possible. Many IT providers, including cloud providers, offer their services to host file backups on their servers. Not only this, but they (and we) can continually update those backups so they always reflect what your files currently look like.

You’ve probably heard of data encryption by now, but in case you haven’t heard, it means that if a hacker got ahold of your encrypted data, it would appear to them as undecipherable gibberish. Encrypted data requires a key to unlock the encryption, which is of course only available to whoever ordered the encryption and whoever else they choose to have the key.

The best preventative method to battle ransomware is, unsurprisingly, education! Ransomware is not magic, it happens because somewhere there was a hole in your security or, most commonly, human error. Ransomware can happen because of email scams, fake links and downloads or by bypassing unprotected WiFi signals. Learn the risk factors that lead to ransomware attacks and pass that information down to every single employee in your business!

What to do During Code Red

So you’ve been breached with ransomware, and you really don’t want to pay the ransom. Good! But what do you do now?

What we recommend is that you try to find out specifically what kind of ransomware is being used on your business. Just like security systems can become old and outdated, so can malware, and since a lot of malware is named it can be possible to find out what you’re being attack with, and find out how to deal with it by contacting a cyber defense professional.

For more information about how to prevent ransomware, check out the White Papers on the TOSS C3 website!