Posted by HSSL Systems Integrators on Dec 18th 2019
How can you begin to mitigate the damage right now—as soon as the first ransomware symptom rears its ugly head? How do you avoid paying the ransom? What do you do after the attack to restore your data? Here are the ransomware mitigation steps the security experts recommend you take:
1. Identify, isolate, and remove the infected computer(s). Disconnect them from the network immediately so ransomware cannot spread to shared drives and connected systems.
2. Set the BIOS clock back. Resetting the BIOS clock to a time before the ransom expiration window is up might help delay the expiration deadline. But the programmers are getting smarter, so this tactic may only work with certain strains of ransomware.
3. Determine when the infection started. Often you've been infected for weeks before the ransomware message appears. Before you can restore your clean files from backup, you need to know how far back to go to ensure a clean restore.
4. Inform employees. Ensure that all employees are aware that a ransomware attack is in progress, direct them to the processes and procedures needed to protect their data, and provide a timeframe for restoration of affected systems.
5. Use System Restore and decryption tools. Enable System Restore on your Windows machine, as you might be able to take your system back to a known clean state. Also, see if your anti-virus solution offers free decryption tools that can help decrypt files.
6. Identify a safe point in time. Determine the point in time when ransomware infected your data. Restore the most recent clean files from a backup taken just prior to the infection date.
7. Restore infected systems. If a production database or mission-critical application has been infected, leverage a DRaaS solution to spin up an image or virtual machine in minutes, ensuring your users stay productive.
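
Steps 3 and 6 both come down to a date. As an added example (not part of the original post), the Python below estimates when mass encryption began from a burst of file modification times and then picks the most recent backup taken before that point, minus a dwell margin for the weeks an infection can precede the ransom message. The function names, the 10-minute window, the 100-file threshold and the sample data are assumptions made for illustration.

```python
import bisect
import os
from datetime import datetime, timedelta

def collect_mtimes(root):
    """Last-modified time of every file under root (e.g. an affected share)."""
    times = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            try:
                mtime = os.path.getmtime(os.path.join(dirpath, name))
            except OSError:
                continue  # unreadable or removed mid-scan; skip it
            times.append(datetime.fromtimestamp(mtime))
    return times

def burst_start(mtimes, window=timedelta(minutes=10), threshold=100):
    """Earliest timestamp opening a window with >= threshold modified files.
    Assumption: mass encryption shows up as a burst of rewrites; malware can
    alter timestamps, so treat the result as an estimate, not proof."""
    mtimes = sorted(mtimes)
    for i, start in enumerate(mtimes):
        if bisect.bisect_right(mtimes, start + window) - i >= threshold:
            return start
    return None

def pick_restore_point(backups, encryption_start, dwell=timedelta(0)):
    """Latest backup taken before (encryption_start - dwell). dwell is how far
    before the burst the initial infection is believed to have happened."""
    cutoff = encryption_start - dwell
    older = [b for b in backups if b < cutoff]
    return max(older) if older else None

def demo():
    # Constructed sample data: sparse normal edits, then 300 files rewritten
    # within five minutes, and one nightly backup per day.
    base = datetime(2019, 12, 10, 9, 0)
    normal = [base + timedelta(hours=h) for h in range(0, 72, 3)]
    attack = datetime(2019, 12, 14, 2, 30)
    burst = [attack + timedelta(seconds=s) for s in range(300)]
    backups = [datetime(2019, 12, day, 23, 0) for day in range(1, 15)]
    start = burst_start(normal + burst)
    return (start, pick_restore_point(backups, start),
            pick_restore_point(backups, start, dwell=timedelta(days=7)))

if __name__ == "__main__":
    print(demo())
```

On a real system, run `burst_start(collect_mtimes(path))` against a read-only copy or mounted image of the affected share, so the scan itself does not alter evidence.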