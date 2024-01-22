It’s the news no organization wants to hear―you’ve been the victim of a ransomware attack, and now you’re wondering what to do next.

The first thing to keep in mind is you’re not alone. Over 17 percent of all cyberattacks involve ransomware—a type of malware that keeps a victim’s data or device locked unless the victim pays the hacker a ransom. Of the 1,350 organizations surveyed in a recent study, 78 percent suffered a successful ransomware attack (link resides outside ibm.com).

Ransomware attacks use several methods, or vectors, to infect networks or devices, including tricking individuals into clicking malicious links using phishing emails and exploiting vulnerabilities in software and operating systems, such as remote access. Cybercriminals typically request ransom payments in Bitcoin and other hard-to-trace cryptocurrencies, providing victims with decryption keys on payment to unlock their devices.

The good news is that in the event of a ransomware attack, there are basic steps any organization can follow to help contain the attack, protect sensitive information, and ensure business continuity by minimizing downtime.