The latest cyberattack, called Bad Rabbit, started on Tuesday in Europe and quickly spread to the U.S. This outbreak, like WannaCry and NotPetya, are forms of ransomware. It's when hackers encrypt files on victims' computers and demand money in exchange for unlocking the system.
Training employees is the best way to avoid a security breach.
"The first line is employee education," said Stephen Cobb, a security researcher at ESET, a security software company. "Having employees trained and aware is critical. These attacks are not going away anytime soon, so companies need to know how to deflect them."
Every organization should have a plan in place in case of an emergency, Cobb said. That includes backing up your files. KQED, a TV station and National Public Radio affiliate in San Francisco, was attacked in June. The station had to run evergreen content and work out of makeshift newsrooms during the attack because its employees weren't able to access their work. And some inconveniences lagged on for months.
|Ransomeware: Should businesses pay up?|
|Your computer's security updates may be annoying, but they're crucial|
"IT has become critical to our operation," said Jon Brooks, an online editor for KQED, who admitted that the station didn't have a ransomware attack protocol in place, but has since formed a system. "Everything we do is dependent on the network."
If your business has been affected, damage control is key. Cobb said you should notify your attorney, then contact employees and major stakeholders.
"There's a reluctance to tell someone that your security has failed," he said. "However, I think it's very helpful to stand up and say, 'Hey, we were hit, we think it got in like this, but in the meantime we're taking every effort to remedy the situation and continue serving our customers through this period.'"
Obviously, preventing an attack is always better than dealing with one after the fact. But Cobb assures businesses that they can recover from them.
KQED did, though in the end, it took two months for the station to get fully re-networked. And for several days, there were no phones, no email, no internet. People used their home computers and cell phones to get by.
Yet, the news still made it onto the airwaves.
Correction (Oct. 27, 2017): An earlier version of this story misstated now long KQED was without phones, email and internet access during its cyberattack. The text has been corrected.