Ransomware Decryption Data Recovery

This content on this page is mainly designed for organisations who are not yet clients of Communicat and who are concerned about the adequacy of their protection against ransomware and malware. It also provides a guide for Communicat clients if they wish to be informed about the risk of ransomware or malware attack, or if they experience an attack.

If cyber criminals manage to penetrate into your business then
do not respond to ransom or other criminal demands.

Contact us today for a no-obligation discussion regarding your options for prevention and rectification of ransomware and malware issues.

Communicat can help you to plan, develop strategies, and implement protective systems for your business.  If you experience a criminal attack then we calmly assist as your specialist adviser to provide you with the best options for rectification, to minimise disruption and cost to your business and to improve your protection against future criminal attacks.

Be Prepared – Forewarned is Forearmed

If you are concerned about the current high rate of ransomware, data encryption, malware or computer hacking attacks or if you have experienced an attack on your business then in either case you will want to know the strategies that are available to protect your business or to recover from a malware attack.

The information on this page is designed to forewarn and forearm you with this information and to help you to protect your business.

If your business currently is experiencing a problem with a ransomware malware attack or hacking activity then we aim to advise you about how you can rectify your problem and also to implement preventative strategies to increase you level of protection against the problem repeating in the future.

Professional experts in the area of cyber crime will advise you to never contact or pay the criminals. The risk of escalation and increased targeting will be increased once the criminals are in contact with them. We recommend that you should never give the criminals an inch or they will take a mile.

Trends and Strategy – Cyber Crime

Unfortunately cyber crime is a highly profitable activity for criminals and as a consequence the problem is escalating. This malicious activity is conducted by a wide range of people and organisations including organised crime, small and lone wolf criminals and there is also evidence which indicates that the criminals may also include rogue governments and other oppositional / enemy governments.

In other words, this problem is here to stay for the foreseeable future. Therefore, it is essential for your business to implement a comprehensive protective and preventative strategy, and also to have plans in place in the event that you experience a criminal attack.

Overview of protection strategies

The best guard against ransomware, hacking and malware and other forms of cyber criminal activity is for your computer system to be professionally designed, managed and maintained with pro-active high-level managed IT services – Net2. Communicat’s goal is to reduce the risk to the lowest possible level. Nevertheless you should be aware that technology is never 100% perfect and there are also timing issues such as zero day vulnerability where malware methods have arisen and the preventative systems have not yet been issued to detect, guard against, remedy the malware and kill the ransomware.

Free Ransomware evaluation

Communicat provides a free advisory service where we can carry out a preliminary assessment of the level of protection that your business is currently operating and the risks that your business may face from ransomware. There is no cost for this initial preliminary review.

After the preliminary discussion and analysis has been carried out then we can provide you with a proposal for a more extensive analysis and assessment of your exposure to ransomware and malware risk.

Names and types of data ransomware and data encryption

There is a long list of names of different types of ransomware and malware, and this information is subject to a great deal of misleading information and confusion. Criminals deliberately create misinformation as one of their strategies to mislead and confuse the business owners and computer users, aiming to induce panic and confusion. Also the methods of delivery of ransomware are many and varied, including Australia Post, FedEx, etc.

Some of the recent ransomware names include Cryptolocker, WannaCry, Reveton, CryptoWall, Fusob, etc. [chris please extent this list for reasons of getting google responses to people searching for their ransomware brand). Ransomware may use commercial and legitimate encryption systems, however as with any weapons, in the hands of a criminal these encryption tools can have severe adverse consequences.

Recommended protection

A comprehensive list of protective measures is available on this Communicat Website under the heading “Checklist to Optimise your Protection for your Business against Cyber Crime”

  • Have protective systems in place to guard against ransomware intrusion
  • Your systems should in most cases remove or kill the ransomware infection before it is able to cause damage to your computer system.
  • Ensure you have reliable, recent and complete backups system, including grandfather, father, son backup cycles stored off-site so we can restore your data and reinstate your system.

Business Disruption and cost resulting from Ransomware and Malware attacks.

If your business falls victim to a ransomware attack then unfortunately you will experience some level of disruption to your business while the issue is analysed and rectification is carried out. Provided you have effective protective systems in place then the disruption and cost to your business will be reduced.

If your system does not have a high level of protection (e.g. Communicat Net2 Managed IT Services) then unfortunately in the current climate of high levels of cyber-criminal activity, then your business is already exposed to a high level of risk.

The cost of rectifying ransomware encryption can be expensive.

  • If your system has been setup and supported Communicat Net2 managed services then we will undertake ransomware cleansing and then arrange to restore backups so as to re-instate your system to operational status. Communicat managed backup procedures ensure that your backups are kept in a completely separate and secure data area so as to minimise the chance of data encryption cross-infecting your backups.
  • If you are not a client of Communicat and your backups are not available then you will be faced with an expensive and time-consuming process where we will endeavour to decrypt your data. The risk of inadequate backups is one of the reasons Communicat is totally opposed to low-cost backup systems e.g. USB disks and other basic backup systems, where the backup devices may be unreliable and may allow ransomware and malware to cross-infect backup data.
  • If your backups are not adequate then the next step will be for you to consider decrypting your encrypted data. With current technology 98% of data encryption cases are able to be decrypted, however this is an expensive and time-consuming process and the probability of success is subject to change from time to time in view of the constant evolving technology race between criminals and solution providers.

If you become aware that your business is experiencing a malware or ransomware attack – immediately take these steps.

If your computer system is infected by ransomware then be aware that the malware will spread as quickly and widely as the technology that criminals have launched, therefore it is important to act urgently in order to minimise the spread of the ransomware

  1. Take brief notes or a photo of your computer screen display indicating any suspicious information.
  2. Do not email or otherwise forward suspicious information to any other person.
  3. Shut down the computer system.
  4. Contact Communicat Net2 support for advice.

Never respond to threats from cyber criminals – Do not pay ransom demands

We strongly recommend that you should never respond, communicate with or deal with the criminals who have infected your computer systems and/or data.

If you were to make any type of contact with the criminals then problem will escalate. Why would you trust criminals who have already inflicted deliberately vandalised your data and disrupted your business?

The ransomware demand will include messages that are designed to induce you to panic and lead you to make a poor decision. E.g. the message will usually say that you must respond and pay ransom immediately and state further threats if you do not respond immediately, that the chance of data recovery will decrease if you delay, etc..

Communicat can provide you with professional advice on the best method to solve the problem.

Rectification of ransomware malware data encryption – Restore from your latest backup

Communicat will analyse your case and then advise you regarding the recommended steps to fix your ransomware data encryption problem. Our recommended steps will vary according to the circumstances.

This information is only provided as a general guide, however the actual steps required will vary from case to case.

Typical steps to resolve a ransomware attack – we will:

  1. Analyse the scope of the problem, e.g. how much data is damaged? Are operating systems and software damaged? Remove the ransomware malware software and therefore to eliminate the chance of further damage.
  2. Inspect and assess the extent of data encryption and computer system damage. Please understand that ransomware malware operates very quickly, and it is quite possible that it may have been working for a significant period working through the encryption process, before you notice that you have a problem. Even if you shut down your computer system quickly after you become aware of a ransomware attack, it is nevertheless likely that in any event of ransomware attack, that encryption damage to data will be extensive.
  3. Inspect your backup data and identify options for your data to be restored.

If you do not have a reliable backup – Data Decryption Service – Data Recovery Service

If you do not have access to a reliable, complete and recent backup of your data and your system then usually the next option is to investigate options for decrypting your data. With current technology, data decryption can be carried out typically in 98% of cases however the cost and chance of success will vary according to the type of encryption.

You may have insurance available to contribute towards the cost and disruption of cyber criminal activity.

Samples of ransomware and malware threats