Feds Float Methodology for Successful Company Recovery After a Ransomware Attack


The federal government has released an exhaustive 456 page technical how-to draft guide to help companies recover from ransomware attacks that threaten their ability to conduct business. 

A series of ransomware attacks spreading throughout the world has made some of these malware, including Petya and WannaCry, household names. Most consumers have seen pictures of the crippling ransomware attacks that infected computer networks and demanded payment in Bitcoin to unlock their systems. As scary as the incidents were, for most consumers, the cyberattacks didn’t affect them directly and they moved on with their lives. 

But, what happened to the companies that were affected by these ransomware? Did they ever regain control of their data? Did they have a backup version of the data? Was the recovered data clean and usable? Shipping and logistics company A.P. Moller-Maersk A/S was among the companies targeted in a ransomware attack. The company had to shut down systems to contain the cyberattack and may cost the Danish company up to $300 million, according to Bloomberg News.

To help companies and organizations prepare and recover from similar cyberattacks, the U.S. government has issued a guidance in collaboration with members of the business community and vendors in the cybersecurity industry. The National Cybersecurity Center of Excellence at the National Institute of Standards and Technology released “Data Integrity: Recovering from Ransomware and Other Destructive Events.” 

The guide recognizes that the challenge for companies is to “be able to quickly recover from a data integrity attack and trust that any recovered data is accurate, complete, and free of malware.”

The guide proposes a solution that “incorporates appropriate actions in response to a detected cybersecurity event.” By implementing multiple system that work in concert to recover from cybersecurity incidents, organizations will be able to recover the jeopardized data, it said. The guide provides advice for companies to develop a strategy to recover from cybersecurity events, manage enterprise risk, and facilitate a “smoother recovery from an adverse event, maintain operations, and ensure the integrity and availability of data critical to supporting business operations and revenue generating activities.”

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.