Any device connected to the internet is at risk of becoming the next ransomware victim. Ransomware scans a local device and any network-connected storage, which means that a vulnerable device also makes the local network a potential victim. If the local network is a business, the ransomware could encrypt important documents and system files that could halt services and productivity.
Do not try to install operating system (e.g. Windows, Macintosh or Unix) or scan with antivirus after ransomware attack. Scan drive or system with any recovery software will also make data non-decryptable permanently.
You must isolate systems so that they cannot affect the rest of the environment. Disconnect systems, and power them down if necessary.It’s common for a ransomware victim to be a target for a second attack.