Article number
Affected Versions
Source Hypervisor
Target Hypervisor

How to mitigate risk following a ransomware attack

Viewed 851 times


This knowledgebase article covers the steps to take if your organization is impacted by a ransomware attack.


1. Log in to the DR site GUI and pause all the VPGs from there
2. Disconnect the DR site network from the production site
3. Power off the ZVM and VRAs on the production site
4. Open a case with Zerto Support and provide the following:
a. Quantity of VMs impacted
b. Quantify of VPGs that need to be recovered
c. Whether the DR site ZVM is still functional
d. Zerto version you are currently on
e. Source Platform Information, (e.g. vCenter, AWS, Hyper-V, Azure, etc.)
f. DR Platform Information (e.g. vCenter, AWS, Hyper-V, Azure, etc.)