You MUST do your due diligence even when looking for professionals to assist you with your ransomware attack. It seems a couple companies have cashed in on the weakness of their customer and made bank.
I would assume and hope that some governing body will sanction (approve) vendors so that they can truthfully advertise their skills and you can be assured of getting the desired results.
Scammers are everywhere.
@Flyslinger2 wrote:
I would assume and hope that some governing body will sanction (approve) vendors so that they can truthfully advertise their skills and you can be assured of getting the desired results.
I agree that there was a gross misrepresentation on the part of the vendors, but no one can be assured of getting the desired results in cases of ransomware.
If the only choices you are presented with (regardless of how you got there) are either paying ransom or losing data, few can afford to choose the moral high ground and attempt to recover data using 3rd party consulting services.
Paying ransom, while it does not guarantee data recovery, still has a higher probability of success.
Hence the proliferation of the attacks that are a lot more targeted than those in the past.
Let me stick my oar in, since ransomware is a form of malware, and since I've known about it since the first case in 1989 (and wrote about it in both virus books).
Make a backup. Make multiple types of backups, if stuff is important to you. Remember layered defence. It should be part of your BCP.
Have some awareness. I mean, quite aside from ransomware not being new, and going back to 1989, stories are hitting the nightly TV news just about every week these days. Pay attention!
Don't pay ransom. It only encourages them. And others. Anybody who pays ransom is supporting the ransomware "industry." Period.
(Well, if you think you need to pay a ransom, then you didn't make a backup when I told you, right?)
Ransomware isn't one thing: it's many different programs and families, with all kinds of different capabilities.
Sometimes they encrypt without a key, and *nobody* can get your data back.
Sometimes they encrypt with a single symmetric key and anybody can get your data back: even you.
Sometimes they do a proper encrypting job but are too cruel or lazy to respond when you contact them.
If you do get hit, contact a reputable anti-virus/anti-malware company. Since ransomware is a form of malware, most such companies will be keeping track of the various ransomware programs, and can tell you whether a) the encryption is done wrong and *nobody* can get your data back, b) the encryption is done right but these guys aren't to be trusted, or c) the encryption is done sloppily and there is a quick fix that will get your data back.
And don't pay ransom. Not even second hand.
Apparently there are those that don't agree with your position. I'm neutral to leaning pay but it still depends on the situation. I think there are enough tools, techniques and digital forensics experts out there that can chase these perps to the ground, especially if they are paid. Digital coins always leave a bread crumb trail so they can be tracked.