Hotarus ransomware lists among the most profitable ransomware of 2021, Hotarus made an attack on Ecuador’s largest private bank and, claimed to have stolen numerous bank customer files.
The group released 6,500 personal files of the bank’s customers, such as user login, passwords, card numbers. Although the bank claimed that the attack did not hit its internal system, but a partner marketing company.
But this does not seem to be real, as the leaked files were under the care of the bank. The group claimed that they broke into the marketing company’s system, but found loopholes in their system that led to the bank’s servers, and they took advantage of that loophole by stealing and encrypting as many files as possible.
This attack is a clear, practical example of how ransomware behaves once a company’s system has been hacked. Ransomware moves laterally in search of files most valuable to the company, especially on integrated systems.
And that is why it is vital to protect a company’s internal networks, such as segmentation. The segmentation serves so that each computer is independent, if a computer is attacked the ransomware will be isolated on that computer, encrypting only the files contained therein.
This strategy narrows the ransomware’s field of action, reducing the chances of further damage to the company.
Segmentation is extremely important when talking about online backups, ransomware has developed to identify and encrypt all the files in the backup. Therefore, the backup needs to be isolated from the rest of the company’s network.
The best option is for the backup to be stored Offline, there are numerous Magnetic Tape options for this purpose.
Recovery of data encrypted by ransomware is the specialty of Digital Recovery, for more than two decades we have developed unique technologies for this purpose.
Our processes are made by the best specialists in the field of data recovery, from the first contact until the validation of the recovered files the customer will be accompanied by an expert.
At the beginning of the process, a feedback routine is established so that the client is aware of all the processes.
Our solutions are exclusive and comply with the General Data Protection Regulation (GDPR) and the confidentiality agreement (NDA).
We believe that in any scenario of data loss by ransomware recovery can be attempted.
Tracer, our proprietary technology, has been successful at recovering data from virtually any data storage device, be it HDDs, SSDs, Databases, Storages, RAID Systems, Virtual Machines and others.
We are at the forefront of recovering data encrypted by ransomware.