Is your organisation the target of a cyber incident?
The clock is ticking, talk to Venn for immediate help
We are the go-to team for helping organisations recover from cybersecurity incidents. Our highly trained team is ready to help you recover and be back in business, no matter the size of your organisation or where in Australia you are located.
Cyber Incident Response
Recovering from a ransomware attack where a backup environment is compromised requires expert advice and a specialist skill set.
Our team will first look at the status of your production environment as well as the current state of the data in your backup environment to determine the best way forward and whether we can make a recovery from your most recent backup.
For the best results, we bring our backup environment expertise to your IT team’s in-depth knowledge of your servers and processes inside and out. Working together in this way helps to speed the process up immeasurably and increases the chances of a good outcome.
Ideally, we aim to roll back your backup environment to the closest date before the malware breach occurred and from then restore the data from the most recent backup.
For long-term support and proactive actions, we can also assist with providing preventative backup systems and ensure that these environments operate correctly so that your data is secure from future breaches.
First: Contact Your Insurance Provider
If your company has a cyber insurance policy, it’s likely to contain a duty of disclosure which states that you must contact the policyholder within 24 hours of receiving a ransomware attack.
So before you do anything else, please contact your policyholder to ensure your policy is not voided.
Some hackers have been known to look at a company’s insurance coverage and ask for a ransom amount based on that policy. So if your company has a $15 million cybersecurity policy, the hackers will set the ransom at that amount knowing that your policy provider can cover the cost.
If this has occurred, you need to inform us when you call us. Every piece of knowledge helps us to deal more effectively with the problem.
Should you pay the ransom?
Receiving a ransomware attack is stressful and it can be difficult to know whether your data will be released, encrypted, or destroyed.
If you have a multi-location business, there is also the added concern of ransomware being enacted across your multiple locations and multiple backups and paying the ransom for one location can still leave your backups crippled across other locations.
Even once your data has been released successfully, if your environment isn’t properly secured, you will still be at risk of being hacked again.
Cybercriminals can run very sophisticated operations. It is essential that this crisis be carefully handled in a methodical manner to increase your chances of a successful outcome. So, before deciding whether to pay the ransom, get in touch with our team.