All names and details have been withheld to protect identities
An FSB member reached out to the helpline following an incident in which a machine had been infected by ransomware. Our member was looking for general advice expertise on dealing with the incident, as well as advice on companies that can claim to recover your data.
What did FSB Cyber Protection do?
We advised that most of these companies negotiate with the attackers before paying the ransom to obtain the decryption key, rather than attempt to crack the encryption and recover the data in house. The member was informed of the risks accompanying paying the ransom, and in particular the fact that attackers will often withhold the decryption key and the data once they have ascertained that you are able to pay for its recovery, in addition to funding organised crime.
The member was unsure how he’d fallen victim to ransomware as they believed they were enforcing best practices, including utilising a Remote Desktop Protocol (RDP). However, we informed the member that their systems would be more secure with further protections such as two factor authentication or VPN’s in place.
What was the outcome?
We provided our member with resources, information and advice on the best practices to ensure that they can mitigate future attacks.
They were also presented with resources on how to ascertain which attack they had fallen victim to, and whether there were tools publicly available to recover information following such an attack.
Our guide to protecting yourself against cyber-attacks can help you to reduce the risk to your business.