Sadly, ransomware infections are routine enough that IT departments have started to develop standardized procedures for rapidly quarantining infected machines, determining the extent of damage and then attempting recovery operations..
Get a Free Data Risk Assessment
For help with locking off computers performing suspicious actions (like modifying thousands of files in a minute), our DatAlert customers are using custom rules and scripts tied to behaviors. They’re running reports in DatAdvantage to rapidly find exactly which files were touched on which servers. However, until recently Varonis has been unable to help with recovery efforts.
While restoring files from backup is the best recovery option, often you’re still left with files which were created since the last backup was taken or in cases where the infection wasn’t promptly caught: where the files encrypted by the ransomware themselves were backed up.
If you’re in this situation, you need to:
- Identify the strain of ransomware you’ve been hit with.
- Locate an unlocking application (if any) for that strain.
To help with both of these recovery tasks, we’ve created a Ransomware Identifier. Enter either the file extension of the ransomware encrypted files, or the name of the ransom note file into the Ransomware Identifier search engine and rapidly get your answers.
What should I do now?
Below are three ways you can continue your journey to reduce data risk at your company:
Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.
See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.
Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.
