Falling victim to ransomware could put your vital business or personal data at risk of being lost forever. These steps can help bolster your defences. However, if a breach occurs, a company must report it to the Office of the Privacy Commissioner.
For individuals:
- Do not click on links or open attachments in emails sent to you by someone you do not know.
- Do not provide personal information over the phone or online to untrusted sources.
- Install a reputable security software suite on all devices and secure your wireless router.
- Disable file sharing and remote desktop.
- Make sure all your software, including anti-virus software, is up to date on all your devices.
If you become a victim:
- Don’t panic. Do not do anything further on your computer. Contact SiRON Technologies at [email protected].
- Report the incident to your local police force.
- Contact the Canadian Anti-Fraud Centre.
- Consult nomoreransom.org, which was developed by law enforcement and IT security companies globally to help victims retrieve their data.
For businesses:
- Train and educate staff on good security practices, and restrict administrative privileges.
- Do not click on links or open attachments in emails sent to you by someone you do not know.
- Use a reputable security software suite.
- Back up your system/data regularly to a cloud or removable media such as an external hard drive not constantly connected to the server.
- Use application whitelisting to help prevent malicious software and unapproved programs from running.
- Make sure all software, including anti-virus software, is up-to-date on all computers, servers and devices, including mobile phones and tablets.
- Develop a business continuity plan and incident response plan.
If your business is targeted:
- Do not do anything further on your computer. Contact SiRON Technologies at [email protected].
- Critical infrastructure, businesses and provincial/ territorial/municipal governments should immediately report the incident to the Canadian Cyber Incident Response Centre (CCIRC).
- Report the incident to your local police force of jurisdiction and inform CCIRC you have done so.
- Contact the Canadian Anti-Fraud Centre.
The RCMP suggests you do not pay the ransom for several reasons:
- There is no guarantee that your data will be recovered.
- You may be extorted for more money after the original ransom is paid.
- You can make yourself a future target.
- Extortion via ransomware is a criminal offence, and the money you pay will be used to fund criminals and/or criminal organizations and motivate them to further victimize others.
- Even if you have paid the ransom, the RCMP still encourages you to report the incident.