Panduan Ransomware untuk UKM Korea: Pencegahan, Respons, dan Pemulihan
Korea mencatat 56 serangan ransomware pada 2025 — tertinggi. 93% korban adalah UKM.

Panduan Ransomware untuk UKM Korea: Pencegahan, Respons, dan Pemulihan
Korea mencatat 56 serangan ransomware pada 2025 — tertinggi. 93% korban adalah UKM.
Key Statistics (2025)
| Metric | Number |
|---|---|
| Annual attacks | 56 (5-year high) |
| SME victims | 93% |
| Average downtime | 16 days |
| Recovery rate after payment | ~65% |
Attack Vectors
| Vector | Share |
|---|---|
| Email attachments | 35% |
| Remote Desktop (RDP) | 25% |
| Software vulnerabilities | 20% |
| Supply chain attacks | 10% |
| Other (USB, websites) | 10% |
Prevention: 3-2-1 Backup Rule
The foundation of ransomware defense:
- 3 copies of data
- 2 different storage types (NAS + external drive)
- 1 offline copy (air-gapped)
Security Basics
- Update all software regularly
- Disable or secure RDP behind VPN
- Use strong admin passwords (12+ characters)
- Enable multi-factor authentication (MFA)
- Train employees on phishing recognition
- Install real-time antivirus
KISIA Free Protection Program
KISA provides free security services to 41 SMEs including vulnerability assessments, ransomware response solutions, and security training. Apply at boho.or.kr.
During an Attack
Never Do
- Pay the ransom — no guarantee; marks you as repeat target
- Keep working on infected PC
- Delete encrypted files
Immediate Actions
- Disconnect from network — unplug LAN, disable Wi-Fi
- Report to KISA 118
- Preserve evidence — screenshot ransom notes
- Verify offline backups
- Contact security professionals
Recovery: No More Ransom
nomoreransom.org offers free decryption tools. Use "Crypto Sheriff" to identify your ransomware. Never delete encrypted files — new decryption tools are regularly added.
Sharing Backup Credentials Safely
SMEs need to share backup admin passwords among team members. Sending via WhatsApp risks permanent exposure.
Use LOCK.PUB to create password-protected links:
- Write backup credentials as a secure memo
- Set password + expiration time
- Share link with authorized personnel
- Send password via separate channel (phone call)
Auto-deletes after expiration — no sensitive data in chat history.
Summary
| Phase | Key Actions |
|---|---|
| Prevention | 3-2-1 backup, updates, MFA, KISIA |
| During attack | Disconnect, KISA 118, never pay |
| Recovery | nomoreransom.org, restore from backup |
| Credentials | LOCK.PUB for safe sharing |
Prevention is the best defense. Never pay the ransom.
Kata kunci
Anda mungkin juga suka
16 Miliar Password Bocor: Cara Cek Apakah Anda Terdampak
Kebocoran password terbesar dalam sejarah mengekspos 16 miliar kredensial. Pelajari cara mengecek apakah akun Anda dikompromikan dan apa yang harus dilakukan.
Kebocoran Data Chatbot AI: Apa yang Terjadi Saat Anda Paste Info Sensitif ke ChatGPT
Apakah ChatGPT aman untuk data sensitif? Pelajari risiko privasi nyata dari chatbot AI, kebocoran data terbaru, dan cara melindungi informasi rahasia Anda.
Asisten Coding AI Menulis Kode yang Tidak Aman: Yang Perlu Diketahui Developer
GitHub Copilot dan Cursor AI dapat memperkenalkan kerentanan keamanan. Pelajari tentang 74 CVE dari kode yang dihasilkan AI di tahun 2026 dan cara melindungi codebase Anda.
Buat tautan terlindungi kata sandi sekarang
Buat tautan terlindungi kata sandi, memo rahasia, dan obrolan terenkripsi secara gratis.
Mulai Gratis