There are many articles on ransomware. Many are trying to convince you that if you buy the products they mention, you can prevent ransomware attacks. I want to shed light on the reality of the situation, which is that ransomware is so evil and powerful it is nearly impossible to stop.
With that said, what is the first thing you need to know and do about ransomware?
We suggest that you set up an environment where you are “informed” about attacks. Once ransomware starts to encrypt files, there is little you can do to really stop the disaster. What I mean is that once you have some files encrypted, even if you shut down the server the files will continue to encrypt once you turn it back on.
So the first rule of fighting ransomware is to have a solid backup. The only way to truly recover from ransomware is to restore your files from a backup.
However, you still want to be notified that you are under attack, as the ransomware can find its way from the one server it is encrypting to others on the network.
In order to be notified that you are being attacked and files are being encrypted, you must have a solution in place before the ransomware initiates. I know this sounds obvious, but I get some strange questions around this.
Log360 and FileAudit Plus can help you monitor files that are being encrypted and notify you about the infection.
Stay tuned for our next installment, where we will go over the basics of ransomware in greater detail.
If you want to see for yourself how Log360 and FileAudit Plus can notify you of a ransomware attack, you can download all of these products from below.