One of the biggest hacker attacks in recent years affected the IT systems of many companies. Up to 1,500 companies worldwide were affected, explains US IT service provider Kaseya, whose software served as the gateway to ransomware.
It is very likely that the number of unreported cases is much higher, as many companies fear damage to their image.
A vulnerability in the Kaseya software was exploited by the REvil Sodinokibi group.
Negotiations with the group went on for several days, until finally the key was released by Kaseya, it is not known if the ransom was paid or if the group simply gave up the decryption key.
During the entire time of negotiation, the IT department of the companies was inactive, the projects had to wait, production was interrupted, invoices were not issued and communication was impaired, thus generating losses for the companies.
Quick help for affected companies
Digital Recovery has been able to help many companies to reduce losses to a minimum. We offer data recovery for REvil Sodinokibi ransomware. Our experts have followed several recovery projects with this type of ransomware and successfully completed them.
We initiated an Incident Response as a Service (IRaaS) at four companies that were victims of Kaseya’s supply chain attack. We were able to help these companies re-establish their operations quickly and safely.
Recover files encrypt for ransomware REvil Sodinokibi
We get started by running an advanced diagnosis on the device to see what the extent of the attack was and which files were encrypted. Then we start the process to restore the encrypted files.
The data recovery project can be carried out remotely or physically in our central laboratory, taking into account all necessary security measures. We are specialised in situations like this.
If you decide to ship the device, please note that we will first clone the stored data bit by bit for security reasons and also to fully preserve the original environment.
Count on our specialists to restore your company’s operation, contact us.