Kroll Ontrack Offers Ransomware Victims Alternative Solutions to Paying the Ransom

Kroll Ontrack has identified over 225 different strains of ransomware and developed a set of solutions to restore data and eliminate payments in the event of an attack.

Research suggests payments to ransomware criminals jumped to nearly $1 billion in 2016, with no end in sight as businesses and individuals continue to pay up. Ransomware is a type of malware that blocks access to data on a device or server by encrypting it. In working with enterprises affected by ransomware, Kroll Ontrack has identified over 225 unique strains and its engineers have defined decryption processes for over 80 of those variants.

While anyone with a computer or a connected device can be the target of ransomware, corporations are often hit the hardest. Not only is an infected company charged an exorbitant ransom to have its data returned, it also faces financial losses due to downtime. Those most at risk include healthcare organisations, financial institutions and government bodies. To mitigate the damage caused by ransomware, Kroll Ontrack has developed a set of solutions to quickly recover the ransomed data by other means, eliminating the need to pay the criminals behind the attacks, including:

  • Software and tools to decrypt ransomed data. There are several methods used to decrypt different strains of ransomware – Kroll Ontrack has identified over 225 strains and defined decryption processes for over 80 of them.
  • Knowledge and experience in data recovery to find unencrypted copies of ransomed data and restore or rebuild what is found. If there are no decryption processes or software able to decrypt a ransomware variant, Kroll Ontrack uses its proprietary data recovery tools to search for unencrypted copies of the data. 

[easy-tweet tweet=”It is important to have a good backup and recovery plan” hashtags=”Security “]

Robin England, Senior Research & Development Engineer at Kroll Ontrack said: “At Kroll Ontrack we do not recommend paying the ransom. Many victims who pay their attackers never receive their data in return and can lose hundreds or even thousands of pounds. The best solution is to restore data from a backup.

“Ransomware developers know this and in an effort to keep the money coming in, new ransomware variants are being developed that now target those backups. This is why it is important to have a good backup and recovery plan, be diligent in testing backups and educate users on what a potential ransomware attack can look like.”

Those individuals and enterprises who are most at risk should take precautions to reduce their risk and lessen the effects of an attack. Below is a list of steps they can take:

  • Never pay the ransom because attackers may not unlock your data. There are many cases of ransomware victims paying the ransom demanded and not receiving their data back in return. Rather than running this risk, companies should work with data recovery experts who may be able to regain access to data by reverse engineering the malware.
  • Create and follow a backup and recovery plan. Ensure that a plan includes storing the backups offsite.
  • Be prepared by testing backups regularly. Organisations must be familiar with what is stored in backup archives and ensure the most critical data is accessible should ransomware target backups.
  • Implement security policies. Use the latest anti-virus and anti-malware software and monitor consistently to prevent infections.
  • Develop IT policies that limit infections on other network resources. Companies should put safeguards in place, so if one device becomes infected with ransomware, it does not permeate throughout the network.
  • Conduct user training, so all employees can spot a potential attack. Make sure employees are aware of best practices to avoid accidentally downloading ransomware or opening up the network to outsiders.
+ posts


Related articles

The future of cloud and edge optimisation

As more enterprises use multi-cloud and hybrid infrastructures, the danger of cost overruns and loss of control increases.

Here is how to stage a public cloud migration

As the relationships between CSPs and cloud providers are deepening, CSPs need to develop a clear strategy on how they add value to customer relationships.

The future of work is collaborative

As hybrid work models continue to gain traction, businesses will need to start implementing collaborative tools and processes to meet the needs and expectations of the upcoming workforce, seamlessly integrating them into existing workflows to enhance productivity and performance. Innovations in technology, including AI and machine learning, mean that organisations are in a better position than ever to shape the collaborative future of work – and with the right support in place, they can ensure that these digital tools continue to bring out the best in their workforce for years to come.

How Business Data Can Be Protected, Even with Remote Workers

According to a study conducted by OwlLabs, approximately 69% of survey respondents worked remotely during the pandemic or are now working from home since.

DevOps Metrics – How to measure success in DevOps?

Even though there is no perfect definition for DevOps,...


Please enter your comment!
Please enter your name here

Subscribe to our Newsletter