How do you respond to ransomware?

By IBM Security

A guide for organisations to prepare for and deal with ransomware infections.

Ransomware took a Los Angeles hospital hostage earlier this year. Patient and emergency systems were affected, before it made a payment of US$17,000 in bitcoins to get access back.

How can governments, hospitals and schools deal with such attacks? A new report by IBM Security provides guidance on how organisations can respond.


The decision on whether to pay the ransom or not is a complicated one. There are no guarantees that agencies will get their files back if the ransom is paid, the report says.

Agencies should first consider whether they have an internal backup of important files. “Responding to ransomware or other types of malware may require a cross-functional response within the organization,” it adds.

The report shows how to prepare and defend against ransomware attacks; and how to detect, analyse, contain and recover during an attack. It also shows what steps should be taken afterwards to learn from current weaknesses.

If you would like to hear more from IBM Security, download the full report below.