How Companies should React when a Ransomware Attack Occurs
Executives planning how to react after a Ransomware attack
September 3, 2021

Imagine the following worst-case scenario: your company has taken the right steps to protect its employees, customers and data from cyber-attacks, and yet a ransomware attack still occurred. Now what? It happens; no company is fully safe from today’s rising cases of cyber-attacks and data breaches. Even with the most secure platforms, hackers may find discerning ways to infiltrate the system. How a company reacts in the first few hours and days following a cyber-attack is crucial.

First Step: Recognizing the signs of a data breach

Employees must be educated and empowered to immediately inform their IT department if they suspect a ransomware attack has occurred. Employees may feel guilty and embarrassed if they believe they are at fault of letting a data breach happen. However, if the threat is not addressed immediately, the consequences could be more severe. The best way to damage control is to respond to a security threat immediately. Signs of a data breach include but are not limited to:

  •         Locked accounts or changed user credentials

  •         Missing funds or assets

  •         New suspicious or unknown files

  •         Reduced Internet speed.

Next: Determine and isolate the systems impacted.

Early on, only a few computers may be affected in the attack. In this case, it is crucial to disconnect the affected hardware from the system. The network should then be taken entirely offline. If the network cannot be taken offline, all devices should be powered down. It is important to however note that in that case you may lose some evidence of the attack which would be beneficial for the authorities. Best course of action is therefore to take the entire network offline at the switch level. Once damage control is done, the company may begin restoring critically important systems based on priority level.

Final Steps: Engage the right stakeholders

Depending on where your company is located, you may want to contact the FBI or the police once the first step is complete and the affected systems are isolated. It is important for your IT department to identify what information the hackers may have infiltrated for the authorities to try to salvage the situation accordingly. If the hackers ask for a ransom, do not attempt paying them right away but rather let the professionals handle it. Majority of the time, even if a ransom is paid, data has already been stolen or compromised. The next relevant stakeholders to contact would include managed security service providers, your cyber insurance company, and the board of directors and other developmental leaders.

Lastly, your company will need to find a proper way to disclose its data breach to either the public or simply just the affected customers; this will depend on the impact of the attack and how many potential customers’ data was affected. Your communication department can handle this appropriately. Customers whose data has been compromised need to be informed right away. Although loss of trust from customers is a serious consequence of ransomware attacks, if handled appropriately, it is possible for a business to rebuild itself and regain trust from the public.


By: Joanna Ambros, MBA

You May Also Like…


Submit a Comment

Your email address will not be published. Required fields are marked *

Solutions to Grow Your Business

We've got you covered with our comprehensive portfolio of solutions.

Cybersecurity Solutions

Cyber Incident ​Response
Endpoint Detection and Response (EDR)
Extended Detection and Response (XDR)
Firewall Security
Mail Security
Penetration Testing Services
Security Baseline Assessment
User Defence
Vulnerability Detection Response (VDR)
Wi-Fi Security

Backup & Recovery Solutions

Hybrid Backup
Enterprise Backup
Mail Archiving

Public & Private Cloud Solutions

Azure Management and Monitoring
Microsoft 365 Administration
Private Cloud
Microsoft CSP

Helpdesk & Field Services Solutions

Professional Services & Consulting Solutions

Monitoring & Management Solutions

Hardware Maintenance Solutions

Application Management Services

Telco Industry Solutions

AI Business Solutions

Your partner in digital transformation

Helping the next generation of MSP and IT solution providers transform and grow.

businessmans handshake

Types of Partners

Managed Services Provider (MSP)

Internet Service Provider (ISP)

Value Added Reseller (VAR)

businessmans handshake

Partnership Overview

Jolera’s partner program offers flexibility to engage with us on your terms. We have spent more than two decades building award-winning best in class partner enablement and turnkey end-customer solutions for you.

Partner Program

Jolera has three partner programs to choose from: Select, Preferred and Premier.

Learn about us and the legacy we have created

At Jolera, we treat each MSP partner with specialized care. With more than 20 years of IT experience, we offer the latest technology to navigate cloud, security, endpoint, and storage needs.

vintage pocket watch vintage background concept

About Us

Jolera is widely recognized as a global managed services leader. We started as managed services provider over 20 years ago and have been at the forefront of managed services innovation ever since.


Our People

As a service provider our main goal is to make the customer happy. For that final goal, we need passionate and happy people working with us – Our People Are Our Biggest Asset.


Our Leaders

We are performance driven at the core - tying together best of breed technology and industry leading expertise with pragmatic processes built to deliver outcomes.

Meet Our Leaders!