We’ve developed a streamlined ransomware recovery process to help you get back to work as soon as possible.
- STEP 1: Free Assessment
Submit the encrypted files and the ransom note for review. We then prepare a risk analysis, determine the exact type of ransomware, and examine the possible recovery options. Every ransomware infection is unique and we have to understand your situation to know what the best course of action is. This process usually takes 24 hours at most, and in case of a serious emergency can be faster. Click here to submit a new case.
- STEP 2: Quote
We have two modes of service:
- Our “No Data, No Charge” guarantee. A fixed-price quote for ransomware removal and data recovery. If we cannot recover the data, you pay nothing.
- Full Incident Response. We take care of everything necessary to get you through the attack and get back to work with improved security. Based on a daily flat fee.
- STEP 3: Acceptance of the Quote
After acceptance of the offer, we will send you an invoice including VAT, which you can pay by PayPal, direct debit, wire transfer or credit card. We also offer secure payment processing via an escrow service. When we receive the payment, we start the ransomware recovery process immediately.
We also sign a data processing agreement (DPA) in line with GDPR compliance. During and after the ransomware recovery process we maintain strict confidentiality with your data. We are a registered German company and we operate with full compliance to German and EU laws, which are internationally known for their high data protection standards. Read more
- STEP 4: Preparing for Recovery
First, you need to install our remote maintenance software on the affected computer system. We remove the ransomware, determine any vulnerabilities that might have caused the issue, and then backup all encrypted files. We then install a next-generation antivirus solution with ransomware protection. This installation protects your data from further damage and helps prevent future ransomware attacks.
- STEP 5: Data Recovery
Now that the computer system is cleansed of the ransomware trojan and a re-infection is prevented, we start with the ransomware data recovery. If negotiation with the attackers is necessary, we determine which ransomware gang is behind the attack. We examine past data on the attacks to understand their behavior patterns and adjust the negotiation strategy accordingly.
During this process, we follow all relevant national and international laws to ensure full compliance. We also collect all data necessary for law enforcement and insurance purposes.
- STEP 6: Prevention & Reporting
A dedicated ransomware recovery expert will be assigned to assist you at all time throughout the recovery process. After the data recovery is complete, the team member assigned to your case will provide detailed guidance on how to improve your IT security and prevent future attacks.
Cyber-insurance policies usually cover the costs of using a professional ransomware recovery service. We compile all of the data gathered during the ransomware response into a detailed attack report delivered within five days after the completion of the data recovery. This report will contain complete documentation of all details required by your insurance company.