A ransomware attack shuts down your systems and denies access to data that is vital for your company. Getting back in business involves large payments and huge stress.
Counter-Ransomware enables you to become ransom-resistant through deeper cyber resilience, expert response services and remediation to build back stronger. Uniquely, C-RW is backed by a ransomware warranty: subject to having the right resilience measures in place, you would be eligible for up to $500,000 to help you deal with the consequences of an attack should one happen.
Ransomware is not just an IT issue or cyber problem - it is an attack on the integrity and wellbeing of your business. That attack will affect not only your data and IT systems but also your people’s morale and purpose and your company’s financial health and value.
Your board, shareholders, leadership and staff will all expect you to be prepared, but being hit with ransomware is complex to deal with, throws up unexpected challenges and feels intrusive. That psychological impact exacerbates the financial and technical damage that will undoubtedly occur.
Should an attack happen, both management and staff will find the experience traumatic and unpredictable. In responding to a highly charged situation, they may make poor decisions and they could be affected badly in the longer term. Company records can be irretrievably lost or damaged, the attacker can create a persistent and hidden presence inside your IT system that can be revisited months or years after the initial attack and stolen company and personal data can be traded and re-traded on the dark web by organised criminals.
Ransomware attacks are increasingly common, a trend that will continue. A company that has prepared itself with careful planning and reliable, specialist support can take ransomware in its stride. It will avoid an attack – or, if one happens, manage it like any other business crisis. The challenges of managing that crisis will be significantly eased by the injection of up to $500,000 from the ransomware warranty.
We advise the boards of large corporates, place CISOs in high-profile positions and support small to medium sized companies managing large budgets or valuable portfolios, as well as the supply chains that service large commercial entities. Often our clients work in regulated industries, where the penalties for being ransomed are particularly severe.
935% increase in double-extortion ransomware attacks since 2020.
Our clients need something that is designed for their needs, giving a service that offers more assurance than an off-the-shelf solution.
Common challenges include:
How to prepare for the uniquely complex nature of a ransomware attack
How to access ransomware expertise, without the budget to own it in house
How to secure a network that has evolved over time and caters to staff with varying levels of IT skill
How to manage the conflicting data requirements of security, privacy and compliance
How to respond effectively and rapidly to an attack, including negotiation, arranging payment and informing statutory bodies
Our clients can expect:
C-RW services are flexible to our clients’ needs. The three areas of service each stand independently, or can be combined for a comprehensive ransomware solution.
They can be retained for a monthly fee or taken as individual consulting interventions.
*Sophos, The State of Ransomware, April 2022
The owner and CEO of a successful boutique headhunting business called us after a ransomware demand appeared on his employees’ screens. He was outraged and frightened: losing his records containing over 20 years of knowledge would destroy his company, put over forty people out of a job and risk prosecution for failing to protect clients’ personal data. Fortunately for him, an Othrys director and a senior cyber expert were round the corner with another client. Having instructed him on immediate steps to contain the threat temporarily, we were quickly onsite to make an assessment and advise on how best to manage the crisis.
We discovered that the company IT systems and procedures were generally robust, but a weak password policy had allowed an opportunistic criminal to gain access and launch the attack. As our client had reacted immediately, we were able to prevent the ransomware from infecting the back-up system and therefore a system flush and cleanse, followed by a restoration from back-up, had them up and running the same day with only an hour or so of lost data. A post-incident workshop resulted in improvements to the user access controls (including a better password policy) and the establishment of a clear and comprehensive crisis management plan. Our client was lucky: the attacker was opportunistic, impetuous and not technically very competent. But as a result of the incident, he put his house in order, which ensured resilience against more sophisticated attacks.
The finance director of a medium-sized logistics company, which had spent three days attempting to manage a ransomware attack that had closed down the entire operation, was referred to Othrys by another client. An Othrys director quickly assessed the situation and found that a leading cyber security company had already made an effective diagnosis of a carefully planned and executed attack, and established that it could not be reversed without the unlock codes. However the negotiation with the ransom gang, which appeared to know everything about the company and had the upper hand, had been poorly handled. The clock had been run down almost to the deadline, a third-generation family business of over 800 employees was facing potential bankruptcy and the company’s leaders were traumatised and exhausted. They had concluded that they had no alternative but to pay the high cryptocurrency ransom but had no idea how, or even whether it was legal to do so.
Our ransomware experts provided crisis management, legal advice and specialist support in handling cryptocurrency payments, much of it over a weekend, to reach a negotiated agreement with the criminals and transfer the ransom. The company received the unlock codes a few hours later, recovered their systems and most of their vital data, and were back in business early enough to avoid bankruptcy.
We treat all enquiries with absolute discretion and without any implied commitment or obligation