Ransomware Recovery Services

ransomeware-recovery-icon

Have you been hit with ransomware? Don’t let the criminals get the upper hand. Call us now. We’re standing by, ready to help.

Benefits of Ransomware Recovery Services

There are many different strains of ransomware: some are merely a nuisance, while others are absolutely devastating. Because the different variants behave in such diverse ways, and because they keep changing, it’s imperative that you consult with a knowledgeable professional if you need to recover from a ransomware attack.  

Ransomware is not something you should try to resolve on your own. You may not be aware that many ransomware strains will set up Command and Control (C&C) stations within your network. If you don’t root out the C&C device first, you can easily make things much worse by making attempts to recover by yourself. Before you start, you must identify which strain of ransomware is attacking you.

With that in mind, here are the first steps you should take if you are ever hit with ransomware. First, shut off Internet access at the firewall. Second, remove network adapters and pause all servers within the network. Third, hibernate all PCs in the network. The more quickly you can take these three steps, the better your chances of mitigating the damage.

The amount of time this will take depends on how far the damage has spread, how many computers are connected to the network, and how quickly a team can be assembled to work on recovery. We have seen it take as little time as four hours and as much as six weeks. The most typical total shutdown times are between eight and 12 hours, but every situation is different and a great deal of variation is possible.

Ransomware Recovery Service Engagements

If a customer calls with a ransomware issue, we ask for the following information:

  • When did you first detect a problem?
  • What, if anything, do you know about how the attack started?
  • Have you shut everything down?
  • Roughly how many servers and computers are connected to your network?

With those details on hand, we can construct an initial outline of the potential scope of the problem and identify an appropriate response. We do require a retainer, but as soon as it’s received we will begin the process of assembling a team at your facility.

Ransomware Recovery Service Data Sheet Download

Download

Ransomware Recovery Service FAQS

Who created ransomware? Who is responsible for ransomware attack?

In all the years we have been fighting ransomware, we have never once found out the identity of the perpetrator. But there are some commonalities: it is usually foreign nationals who are operating as a business. The FBI has published information about countries where these individuals are often active, but we probably will never be able to answer this question.

Will you report this to law enforcement?

With your consent, yes, we will report the incident to the FBI’s cybercrime unit.



Are there cases in which law enforcement has actually caught the criminals?

If law enforcement catches cybercriminals, we don’t know about it. We are not privy to the FBI’s activities or successes. Business owners should not hold out hope that the recovery process will be aided or simplified by the FBI’s efforts.

Can we just pay the ransom to avoid most of the disruption?

This is a complicated question. First, yes, we can consider paying the ransom, but you should never do so on your own. You’ll need a third party intermediary who can purchase bitcoin and contact the perpetrators via a secure channel. However, even if you do pay them, you cannot be confident that they will give you the key that will enable you to decrypt your data. And even if the key does work, you don’t know what your data will look like afterwards. Most of the time, even if you have a decrypting key, you will still have millions of files to unlock manually. This can be far more time-consuming and burdensome than restoring from a backup. In addition, you must be sure the entire network has been scanned so that you know all ransomware has been removed. Without this step, you’re likely to get hit again.

How much is the ransom apt to be?

The ransom amount varies in every single case. It’s largely a question of how much the criminals think they can get from you. Ransoms can range from a few thousand dollars to several million. To determine how much the criminals want from you, you need to respond to the ransom note from a secure email account that is in no way associated with you or your business.

How long does it take to recover from a ransomware attack?

Again, it completely depends on the circumstances. If you have good backups that were not infected by the criminals, and you follow a careful procedure, you’re likely to recover in days. If you backups were infected, and/or a very large number of computers are involved, you can expect the recovery to take weeks.

How serious is ransomware?

Ransomware can be anything from a trojan virus on an individual workstation to a virus that infects an entire system, causing upwards of millions of dollars to recover from. Ransomware can be very serious, resulting in stolen valuable data, long down times, or crippling of businesses. Ransomware should not be taken lightly.

What Our Clients Say

I got to know Marc and CNS because he was sent to our Newark operation where in a single visit he identified the problems we were having in our network and fixed everything in a return trip.  I was so impressed I invested in his company!

Anton Schiffenhaus
Chairman of the Board

The CNS team was great. They worked with us tirelessly in the most severe situation we have ever faced. CNS uniquely understood the need in our operation having worked many years with boxmakers. We genuinely could not have gotten back on our feet without them.

Laura Boucher
Chief of Staff

Century Box

It’s not often that your vendors deliver what they promise in the sales process, but CNS has been great. They adhere to the motto, “under promise and over deliver.” Every time we needed them, they were on the spot and stuck with us until the need was met, even when it wasn’t technically their issue to solve.

Steve Olroyd
CIO

Supply One

Learn More About Our Ransomware Recovery Service

LEARN MORE