ransomware attack
Falling victim to ransomware could put your vital business or personal data at risk of being lost forever. These steps can help bolster your defences. However, if a breach occurs, a company must report it to the Office of the Privacy Commissioner.
 

For individuals:

  • Do not click on links or open attachments in emails sent to you by someone you do not know.
  • Do not provide personal information over the phone or online to untrusted sources.
  • Install a reputable security software suite on all devices and secure your wireless router.
  • Disable file sharing and remote desktop.
  • Make sure all your software, including anti-virus software, is up to date on all your devices.

If you become a victim:

  • Don’t panic. Do not do anything further on your computer. Contact a trusted IT professional who can try to isolate the threat. 
  • Report the incident to your local police force.
  • Contact the Canadian Anti-Fraud Centre.
  • Consult nomoreransom.org, which was developed by law enforcement and IT security companies globally to help victims retrieve their data. 

For businesses:

  • Train and educate staff on good security practices, and restrict administrative privileges.
  • Do not click on links or open attachments in emails sent to you by someone you do not know. 
  • Use a reputable security software suite. 
  • Back up your system/data regularly to a cloud or removable media such as an external hard drive not constantly connected to the server. 
  • Use application whitelisting to help prevent malicious software and unapproved programs from running. 
  • Make sure all software, including anti-virus software, is up-to-date on all computers, servers and devices, including mobile phones and tablets. 
  • Develop a business continuity plan and incident response plan.

If your business is targeted:

  • Do not do anything further on your computer. If available, consult your local IT department or an IT professional for assistance.
  • Critical infrastructure, businesses and provincial/ territorial/municipal governments should immediately report the incident to the Canadian Cyber Incident Response Centre (CCIRC).
  • Report the incident to your local police force of jurisdiction and inform CCIRC you have done so. 
  • Contact the Canadian Anti-Fraud Centre.

The RCMP suggests you do not pay the ransom for several reasons:

  • There is no guarantee that your data will be recovered. 
  • You may be extorted for more money after the original ransom is paid. 
  • You can make yourself a future target. 
  • Extortion via ransomware is a criminal offence, and the money you pay will be used to fund criminals and/or criminal organizations and motivate them to further victimize others. 
  • Even if you have paid the ransom, the RCMP still encourages you to report the incident.