According to Cybersecurity Ventures predictions, a new business will fall victim to ransomware every 11 seconds in 2021.
When time is of the essence and next steps are uncertain, organisations should consult with the experienced professionals at Ontrack to determine their best course of action.
If your organisation might be affected by ransomware:
- Contain the attack by disconnecting infected machines from the network.
- Contact us as early as possible. Our team will provide a free consultation and advise on options for data recovery and how to prevent further potential data loss.
- Avoid do-it-yourself attempts to decrypt the affected data. Doing so could make future recovery attempts impossible.
Data recovery experts are ready to help.
Ontrack has developed a specialised collection of proprietary tools to recover data from ransomware-encrypted systems, virtual machines, backup files, tapes and other storage media. With labs located around the world, help is available 24/7 from our knowledgeable team with vast experience in all types of data loss situations.
- 130+ Decrypters
- Specialised collection of proprietary tools developed to recover data encrypted by ransomware
- Virtual Disk Repair
- Database Repair
- Backup File Repair
- All type supported (SAN, NAS, Server)
- Deleted File Recovery
- Copy On Write File Systems (NetApp WAFL, ZFS, etc.)
- Full Tape Support (LTO, DLT, etc.)
- Veeam Specific Tools (deleted and encrypted files)
- All Backup Formats (Commvault, TSM, Networker, etc.)
Recovery Process Overview
Though each ransomware incident is unique and varies in complexity, data recovery is possible. Success depends on the type of payload that has been executed, the hardware it has affected, and the initial actions taken upon discovery.
Immediate phone consultation with data recovery specialists.
Media is evaluated to determine what files can be recovered.
Recovery carried out by our expert data recovery engineers.
Data is recovered remotely or returned on encrypted media.
Why Choose Ontrack?
Ontrack is the only solution provider with custom tools and development capabilities to support all types of data loss scenarios. We offer free ransomware consultations with our experienced engineering team.
Top Ransomware Threats to Your Organisation in 2021
- SNAKE (EKANS)
- Qakbot trojan
- Mailto (aka Netwalker Ransomware)
- Ragnar Locker
Ransomware Case Studies
Ontrack delivers world-class data recovery for all types of storage including: hard drives, solid-state drives (SSD), servers, NAS, SAN, virtual machines, cloud, mobile devices and tape.
A single user’s laptop at a large pharmaceutical company was infected with CryptoLocker ransomware. The laptop was connected to the corporate network, which allowed the malware to infect 46 shares. Leveraging NetApp’s proprietary OS (OnTap) and file system (WAFL), Ontrack engineers used multiple consistency points to “walk back” in time to a point before the attack to find and recover unencrypted copies of the critical data to return to the client.
Ransomware attacked a company server, encrypted the Microsoft Dynamics 365 data, and demanded payment. Recent backups of the server were stored on multiple LTO-6 backup tapes, which had been erased by the malware. Working in conjunction with the R&D department, Ontrack developed a custom hardware and software-based solution to recover 46TB of data from 18 of the LTO-6 erased backup tapes.
A health care customer was affected by a ransomware attack that not only targeted their server data, but also “Veeam Agent for Windows” backups located on an external HDD. Their IT / managed services provider agreement did not include regular off-site backups, so this was the only copy of the data that existed.
A multinational chemical corporation experienced a ransomware attack that took over a server using administrator privileges obtained through phishing. The ransomware formatted all the hard drives and created a new aggregate. Ontrack was able to rebuild the RAID and the original volumes, and restore the client's data.
Current Ransomware Trends
The number of attacks is down, but the severity, size and payments for each attack are up.
Only 50% of the victims that pay the ransom are able to decrypt all of their critical files.
Attacks are targeting file shares, critical infrastructure and backups including cloud.
Cyber Insurance is paying a significant number of claims including data recovery.
Join over a half million people and businesses who have trusted Ontrack to recover their data.
Visit the Ransomware Recovery Knowledge Base for all Ontrack resources related to ransomware data recovery.
View frequently asked questions, expert insights, case studies, blogs and more!
This webinar, co-hosted with NetApp, details how to mitigate the risk of a ransomware attack, why and when to involve a data recovery company, and how Ontrack can help.
This 45-minute webinar covers:
- The history and evolution of ransomware
- The scale of the current ransomware threat - including the results of a recent Ontrack investigation
- Success stories of data recovery following a ransomware attack
- Find out how NetApp can help prevent ransomware attacks
- How to recover data from point of infection from a snapshot
- Scenarios that lead to successful recovery
- Levels of effort and difficulty depending on the ransomware
We’ll collect your device and perform an evaluation, free of charge
Data recovery for single drives start from £399 + VAT, and for
smartphone from £400 + VAT. The final price will be determined at the end of
the evaluation, according to the complexity of the work involved and the
To begin, start by clicking on the type of media from which you need data recovered. The evaluation time for single hard drives (HDD and SSD) is four hours*, and within 24 hours for RAID systems*. Other media, such as mobile phones do not require an evaluation to provide an accurate quotation.
*These are typical time frames and apply within normal business hours (Monday to Friday, 9am to 5pm). For an out of hours, emergency service, or if you need further assistance, please contact us on +44 (0)1372 741 999.
- Prevention and recovery from Ransomware [Interview]
- Apple users are no longer safe from ransomware
- What is ransomware, and how do you prevent it?
- Ransomware - should I pay or not?
- SMEs face increased cybersecurity risks, phishing attempts
- Four-in-ten Businesses Don’t Have an Emergency Plan in Place for Ransomware Attacks
- Phishing back in vogue as ransomware vector
- Businesses Lack a Workable Ransomware Recovery Strategy
- Week in review: MacOS ransomware, attackers bypassing WAFs, how to select a SIEM solution
- How To Protect Your Company Against A Cyber Attack
- Ransomware On The Rise As Home Working Increases