Protect Your Business

Ransomware: An online attack perpetrated by cybercriminals who demand ransom to release hold on encrypted or stolen data. In the past decade, attacks that fall under the ‘ransomware’ umbrella have evolved from a consumer-level nuisance of fake antivirus products to sophisticated malware with advanced encryption capabilities that now primarily target public and private sector organizations. And while threat intelligence can help uncover which organizations may be considered primary targets at any given time, no single industry, geography or size of business is immune. As the footprint of ransomware keeps evolving, so too does the amount of ransom demanded to release data. Ransom amounts that used to total double digits have grown to seven and eight figure numbers. In even more extreme cases, attackers demand victimized companies pay as much as $40M to $80M U.S. to have data released back to their control.

Ransomware – A Real Danger


The way by which an organization first detects ransomware infection can vary according to the situation.


The Containment phase is a critical part of the response plan.


The Containment phase is a critical part of the response plan.


The Eradication phase involves removing the ransomware from infected systems across the organization.


Depending on the results of your root cause analysis, if the attack was made possible by vulnerable systems, those will have to be patched to prevent them from being re-exploited in the future.

Post-Incident Activity

Post-Incident Activity

After any incident, large or small, it is recommended to meet with relevant stakeholders and discuss the elements that worked well and examine those that did not work.


Ransomware attacks in 2022 (million)


Increase in attacks in the past year


Attacks per

Extortion-Based Business Models and Destructive Tactics in Colorado and California

Ransomware in Colorado and California has evolved along a third axis, as well: the extortion-like business model threat actors use to force payment from victims. If victims fail to pay within the allotted time, criminals escalate the attack and threaten to release confidential data publicly, or even auction it to the highest bidder on the dark web. And in yet another evolutionary twist, ransomware is now sometimes blended with destructive attacks, ultimately aimed at destroying and disrupting operations despite claims to return the data once the ransom is paid. Ransomware is one of cybercrime’s strongest business models today, pushing aside long held staples like banking Trojans, phishing, DDoS, and cryptojacking. Ransomware has crippled organizations across the globe carrying with it cumulative price tag well into the billions of dollars. In an even darker twist, ransomware has even begun reaping a toll on human life itsel


The urgency of informed response

When a ransomware attack is discovered, every second counts. Uninterrupted, time is the ally of the attacker. As time passes, more data and files are encrypted, more devices are infected, ultimately driving up both cost an damage. Immediate—yet methodical and informed—action must be taken.

Alerting IT security teams and allowing them to launch the incident response process that they have prepared to combat ransomware should be a first step. If you have a retainer contract with a third party provider it is advisable to engage them as well. Other parties to consider contacting are federal law enforcement and regulators, depending on the local requirements for the geographies in which your company operates.

We Provide Live Help

While many IT companies go out of their way to avoid live interactions, we encourage you to talk to us whenever you need. As a Managed IT Service Provider in San Diego and Denver, we always answer our phones. It is very important to us that your call is answered by a live human being in our office and directed to the appropriate resource to resolve your issue. If you submit your request online, it will receive the same priority handling as calling us.