Ransomware & Incident Response

Ransomware & Incident Response

Ransomware attacks and security breaches are responsible for billions of dollars in loses each year in both the public and private sectors. The healthcare industry in particular has been an increasing attack target for adversaries looking to harvest critical data, compromise operational capability and disrupt patient services due to the high probability of a payout. Despite the high-profile cases covered in the media, the actual number of successful attacks is significantly higher than reported.

In order to predict, plan and respond to a ransomware attack or a breach, enterprises must:

  • Develop, implement and test plans and policies to ensure readiness. This includes making plans for resources, budget, internal and external communications, continuity of operations and recovery, as well as coordinating with legal, PR and law enforcement.
  • Access to outside expertise to help determine the cause of the breach or attack. Additional resources may also be required including counterintelligence capabilities to vet adversary credibility and the infrastructure to facilitate payments if necessary.

SmartPoint’s access covers the full spectrum of services. This includes planning and testing, tailored responses and recovery of internal systems, resources to vet adversary credibility, procurement of cryptocurrency on behalf of the impacted organization, and ongoing monitoring of hard-to-access adversary communities for ongoing intelligence post-incident.