Ransomware

A ransomware attack on your business is a very significant event. Ransomware demands for small businesses average around $45,000. In many cases, threat actors (hackers) have been on your network for weeks conducting surveillance. Many new strains of ransomware will first steal your data, then encrypt it. If you fail to pay the ransom demand, the threat actors will publish your data to a public website. If you do not have viable backups, you will most likely have to pay the ransom demand in order to recover your data. In some cases, Black Talon Security can recover files without having to pay the ransom.

If ransomware recovery is not handled properly, you business may suffer partial or total data loss. It is not as simple as just transfering money to the threat actors and running a decryption tool. A very careful and methodical process must be followed to insure your systems are recovered. One mistep often results in the loss of your business operations and data.

Our Recovery Process

Due Diligence

  • We will spend approximately 3 hours analyzing the ransomware to determine if a free decryptor is available.

  • We have worked with many threat actors over the years and may be able to provide you with information on the group.

  • Look for possible copies of the data in order to reduce the chances of having to pay the ransom.

  • A plan of action and recommendations will be discussed with you

Data and System Recovery

  • We will methodically bring the most critical systems back online in a controlled and detail-oriented manner

  • We will provide constant communication with you during the recovery process

  • Expert IT resources are available to assist with bringing software applications and network systems back online 

Negotiation With Threat Actors

  • We will securely make contact with the threat actors

  • We will try and negotiate a lower price for the extortion demand

  • We will facilitate the transfer of cryptocurrency

  • We will ask for proof of life

  • We will conduct a compliance check

  • We will confirm the safety of the tool being used to decrypt your files

  • A recovery time-line is outlined and discussed

Follow us at:

Cyber Prevention | Breach Response | Forensic Investigation | Cybersecurity Awareness Training

© 2020 Black Talon Security, LLC.  All rights reserved | 2875 Route 35 | Katonah, NY 10536 | 800-683-3797