Ransomware - A Real Danger
Be knowledgeable and prepared
SERVICES
Ransomware Services
Detection
The way by which an organization first detects ransomware infection can vary according to the situation.
Learn more >
Analysis
When embarking on the Analysis phase of the incident, it is essential to identify the specific variant of ransomware that compromised the environment.
Learn more >
Containment
The Containment phase is a critical part of the response plan.
Learn more >
Eradication
epending on the scope of the attack, this operation can be lengthy and may involve both user devices and more pivotal machines and services that have been impacted.
Learn more >
Recovery
Depending on the results of your root cause analysis, if the attack was made possible by vulnerable systems, those will have to be patched to prevent them from being re-exploited in the future.
Learn more >
Post-Incident Activity
fter any incident, large or small, it is recommended to meet with relevant stakeholders and discuss the elements that worked well and examine those that did not work.
Learn more >
Ransomware attacks in 2022 (million)
%
Increase in attacks in the past year
Attacks per customer
Protect Your Business
Ransomware (definition): An online attack perpetrated by cybercriminals who demand ransom to release hold on encrypted or stolen data. In the past decade, attacks that fall under the ‘ransomware’ umbrella have evolved from a consumer-level nuisance of fake antivirus products, to sophisticated malware with advanced encryption capabilities that now primarily target public and private sector organizations. And while threat intelligence can help uncover which organizations may be considered primary targets at any given time, no single industry, geography or size of business is immune. As the footprint of ransomware keeps evolving, so too does the amount of ransom demanded to release data. Ransom amounts that used to total double digits have grown to seven and eight figure numbers. In even more extreme cases, attackers demand victimized companies pay as much as $40M to $80M U.S. to have data released back to their control.
Ransomware in Colorado and California has evolved along a third axis, as well: the extortion-like business model threat actors use to force payment from victims. If victims fail to pay within the allotted time, criminals escalate the attack and threaten to release confidential data publicly, or even auction it to the highest bidder on the dark web. And in yet another evolutionary twist, ransomware is now sometimes blended with destructive attacks, ultimately aimed at destroying and disrupting operations despite claims to return the data once the ransom is paid. Ransomware is one of cybercrime’s strongest business models today, pushing aside long held staples like banking Trojans, phishing, DDoS, and cryptojacking. Ransomware has crippled organizations across the globe carrying with it cumulative price tag well into the billions of dollars. In an even darker twist, ransomware has even begun reaping a toll on human life itsel
The urgency of informed response
When a ransomware attack is discovered, every second counts. Uninterrupted, time is the ally of the attacker. As time passes, more data and files are encrypted, more devices are infected, ultimately driving up both cost an damage. Immediate—yet methodical and informed—action must be taken.
Alerting IT security teams and allowing them to launch the incident response process that they have prepared to combat ransomware should be a first step. If you have a retainer contract with a third party provider it is advisable to engage them as well. Other parties to consider contacting are federal law enforcement and regulators, depending on the local requirements for the geographies in which your company operates.
Need help?
We can give you a call.