If your organisation has already been infected with malware, these steps may help limit the impact. Ransomware can cripple your business, get cyber insurance with Da Vinci Cybersecurity.
- Immediately disconnect the infected computers, laptops or tablets from all network connections, whether wired, wireless or mobile phone-based.
- In a very serious case, consider whether turning off your Wi-Fi, disabling any core network connections (including switches), and disconnecting from the internet might be necessary.
- Reset credentials including passwords (especially for administrator and other system accounts) – but verify that you are not locking yourself out of systems that are needed for recovery.
- Safely wipe the infected devices and reinstall the OS (Operating System)
- Before you restore from a backup, verify that it is free from any malware. You should only restore from a backup if you are very confident that the backup and the device you’re connecting it to are clean.
- Connect devices to a clean network in order to download, install and update the OS and all other software.
- Install, update, and run antivirus software.
- Reconnect to your network.
- Monitor network traffic and run antivirus scans to identify if any infection remains.
Source: UK National Cyber Security Centre