Malware
My organisation's network is infected with malware.

What are the signs of malware on a network?
If your organisation's network is infected with malware, you may notice that devices are unusable or locked, or that data has been deleted or encrypted.
What actions should I take?
If your IT is managed externally, contact the right people to help:
- Get in touch with your external IT providers – they are there to support you and help fix it.
If you manage your own IT, take actions to try and limit the impact:
- Immediately disconnect the infected computers, laptops or tablets from all network connections, whether wired, wireless or mobile phone based.
- In a very serious case, consider turning off your Wi-Fi, disabling any core network connections (including switches), and disconnecting from the internet.
- Reset credentials, including passwords (especially for administrator and other system accounts), but verify that you are not locking yourself out of systems that are needed for recovery.
- Safely wipe the infected devices and reinstall the operating system (OS).
- Before you restore from a backup, verify that it is free from any malware. You should only restore from a backup if you are very confident that the backup and the device you're connecting it to are clean.
- Connect devices to a clean network to download, install and update the OS and all other software.
- Install, update and run antivirus software.
- Reconnect to your network.
- Monitor network traffic and run antivirus scans to identify if any infection remains.
Report it
If your organisation has experienced a cyber incident and is based in the UK, you can report it.
Further resources
For more information about how to prevent attacks like this in future, there is NCSC guidance to help you:


