While the news media publishes that most ransomware attacks cost only a few hundred dollars, on a weekly basis Cytelligence negotiates on behalf of clients where ransomware demands for payments are between $20,000 and $150,000 in Bitcoin.
Ransomware is serious business. Don’t leave ransomware negotiations to amateurs or well- meaning techies. And ransomware is definitely not a D-I-Y project.
It’s one of the most prevalent cyber security threats in the world, making headlines daily: crippling ransomware attacks. Ransomware attacks are used by independent hacking cells, professional crime syndicates, ex-employees, and so-called hacktivists to extort money from individuals and organizations while crippling your ability to access your files, your client database, R&D research, your own intellectual property, your website, and even basic email. Cyber security firm Cytelligence is uniquely qualified to help both individuals and businesses deal with ransomware attacks across the U.S., from New York to San Francisco, from Seattle to Austin to Miami - and all points in between.
Essentially, ransomware takes your data hostage and hackers will extort a ransom for the release of your data. Why do cybercriminals want your data? Data is the new "gold." Here are just some of the things that typically happen during a ransomware attack:
These are some of the situations that Cytelligence's ransomware removal team faces each week, supporting individuals, small business and enterprise-organizations in the safe resolution of their ransomware attacks.
Make no mistake: a ransomware attack affects your operational capacity, your financial position, your stock price if your company is publicly traded; your compliance with regulators and with privacy laws; as well as your overall reputation with customers, suppliers, and employees through the media and resulting negative publicity. The effects of a ransomware attack can be very long-lasting indeed.
Worst of all, there is no guarantee that even if the ransom is paid, that your data access will be fully restored. It may only be partially restored. Or, that the cybercrooks did not make copies of your data, for nefarious purposes later. Like the saying goes, "There is no honour among thieves."
Our goal at Cytelligence is to help you recover from ransomware attack and return to day-to-day activities in the shortest amount of time, in a confident, precise, and cost-effective manner. We developed our Ransomware Support Practice to resolve current hostage attacks and then empower the organization with guided changes to help with future ransomware attacks prevention:
You get our extensive experience in ransomware removal, compromise assessments, digital forensics, breach investigation and cyber security consulting to solve your ransomware incident in a professional manner that reduces the anxiety over a ransomware attack.
Fast, effective and just-in-time ransomware attack protection is critical, and it is the foundation of our approach. Our cyber security experience allows us to move fast, communicate openly and honestly, establish clear strategies and tactics that support success, and reduce the anxiety you have over the ransomware attack. When your organization is under attack from ransomware virus, time is not on your side. Rely on Cytelligence's years of expertise and experience in dealing with cybercriminals and cyber security attacks.
We work with your IT teams, legal representatives and breach coach to contain the incident, determine ransomware recovery options, negotiate with the threat actor and manage payment through cryptocurrencies.
Specific ways our ransomware removal and protection service helps you:
We have come across many circumstances in which the encryption of corporate systems was the final act in a breach situation. Frequently, attackers will exfiltrate confidential and restricted information for sale on the Dark Web while simultaneously creating a ransomware attack.
Part of our job is to investigate the 'gray-and-black markets' to understand the full breadth and depth of the attack. In other words, where did your data end up, so you can best prepare.
In addition to helping manage the attack, Cytelligence works with you to understand any pre-ransom events that occurred in your organization including exfiltration of data, distribution of confidential or restricted information, system occupation, and the sale of your assets on the Dark Web.
Equally important is our ability to support your organization in post-incident ransomware recovery.
A major Canadian company was forced to pay $425,000 in Bitcoin over the weekend to restore its
computer systems after suffering a crippling ransomware attack that not only encrypted its
production databases but also the backups as well.
– IT World Canada, July 13, 2017
Under ransomware attack? Call us immediately at 416-304-3934.
22% of businesses with fewer than 1,000 employees were hit with a ransomware attack in 2017
70% of companies pay the ransom (only 37% of users back-up data)
Average downtime was 25 hours, costing $100,000
15% of companies hit with ransomware lost revenue
Almost all organizations had to cease business operations immediately 50% of those who paid ransom, paid more than $10,000
20% paid more than $40,000
2017 record ransom paid: US$1M, by Nayana, a Korean web hosting company that hosts 3,600 websites
2017 average ransom: $800 to $1,000 [per user]
2016 average ransom: $679 [per user]
2015 average ransom: $295 [per user]
At Cytelligence, we believe a proactive cyber security posture is much more valuable than responding to a ransomware crisis. Here's why: Cytelligence's Security Consulting enables you to evaluate your current cyber security programs and practices and what other cyber security measures you should put in place. Proactive cyber security planning gives you the luxury of time - which you don't have in a ransomware crisis. In a ransomware crisis, experience, expertise, and response time are everything.
Fifty per cent of modern cyber security is comprised of proactive practices and analyses that are used to create awareness, acceptance and preventive measures against different categories of attacks. Cytelligence offers an entire range of proactive cyber security services including: Offensive Security Audits; Penetration Testing Services; Vulnerability Assessments; Secure Code Assessments; Phishing Awareness Services; and Comprehensive Cyber Security Training.
Our Security Consulting Practice is a powerful review of your organization's cyber security practices to help prevent against future ransomware attacks. We work with your team members to understand your IT, Security and Information practices and then build an actionable plan to help secure your organization against current forms of ransomware and ransomware worms.
Using best practices developed from ransomware attacks during the last three years, we build a solid plan with credible cyber security improvements. This approach is enhanced by our own knowledge and use of malware kits, penetration testing, and incidence response to build positive fortifications that create strong cyber security measures without reducing your business effectiveness.
Start a proactive review today of your organization's cyber security practices to help guard against ransomware attacks. Contact any of our offices today.
Cryptovirology was invented in Russia in 1989. There are actually three types of ransomware:
Since 2012, ransomware has exploded as the "attack vector" of choice for cybercriminals. There are lots of good reasons for this.
First, ransomware is relatively cheap. Computer servers to launch a ransomware infection are cheap, too. Second, ransomware is easy compared with running guns, drugs, or human trafficking. Third, ransomware is far safer for cybercrooks and lower cost than guns, drugs, and human trafficking. A cybercriminal unleashing ransomware on organizations is just an ISP number. Fourth - for the same reason - the chances of getting caught are slim. Fifth, the odds of getting prosecuted are even slimmer. Sixth, there is great, free support from other cybercriminals on the Dark Web. And seventh, ransomware is hugely profitable because it is essentially a numbers game - and entirely scalable.
Since 2016, ransomware virus has been engineered to take on the properties of worms. In other words, the ransomware is self-replicating and can attack many more victims - both organizations and individuals - with ease. A worm copies itself on every computer on the network, guaranteeing repeat business for cybercrooks. The WannaCry, WanaCrypt0r, and ZCryptor in 2017 were all ransomware worms.
It comes as no great surprise, then, that ransomware is predicted to be a $6 trillion dollar industry by 2021, according to CSO Magazine.
Cryptocurrencies and ransomware go hand-in-hand. In addition, cryptocurrencies are also used to launder the proceeds of crime, according to Thomson Reuters. Here’s why:
Anonymous: No need to show ID, such as a birth certificate, a social insurance number, or a passport to create a "digital wallet" where cryptocurrencies are held.
Decentralized: Cryptocurrencies are not controlled by a centralized government, or a central bank.
Totally digital: No physical object exists (no paper money, no gold, etc.). It is all code, on an electronic ledger.
Irrefutable: Transactions cannot be reversed. Once cryptocurrency is in your digital wallet, that's the end of the line. No cancellations, no refunds.
Scalable: Digital wallets can process thousands of transactions at a time.
Extensive use of cryptography: Creation of coins is encrypted; transactions are encrypted; digital wallets are encrypted; public ledgers that store transactions are encrypted. All this cryptography provides a very safe environment for cybercrooks to launder money.
Converting to cash is easy. Bitcoins can be sold for currency on an exchange; think of it like trading Forex.
Improving your organization's cyber security posture has a lot to do with educating your employees. Cytelligence offers proactive Comprehensive Cyber Security Training to our clients. Here are specific tips that Cytelligence has developed to help protect against ransomware attacks:
Adopt Good Cyber Security Hygiene in your Information Technology Department
Any solution starts with a conversation. Our team is ready to discuss your projects, immediate security concerns and confidential actions. We are looking forward to hearing from you.