Description
The FortiGuard Incident Response team is ready to assist with the discovery, containment, and remediation of intrusions involving all ransomware variants including Hive ransomware.
In most cases, the deployment of ransomware such as Hive is the final stage of an intrusion.
In most Hive intrusions encryption through ransomware follows successful exfiltration of proprietary and sensitive information that is used for extortion to further encourage victims to pay the ransom. A quick response to ransomware-implemented encryption increases the chance of data recovery and can fast-track system recovery to minimize business impact.
Scope
FortiGuard.
Solution
Engaging Response Services.
To engage the IR team directly please use the ‘Experienced a breach?’ link available here:
https://www.fortinet.com/solutions/enterprise-midsize-business/security-as-a-service/fortiguard-inci...
This webpage also has additional information on the IR team’s services and how to help to mitigate ransomware risk.
Engaging Proactive Services.
If there are any questions about this type of threat that is applied or to proactively prepare the security teams to better handle threats associated with Microsoft Exchange, it is possible to engage the Incident Response Readiness service.
The FortiGuard IR Readiness service can assess the security posture and provide support to patch holes in the defenses, build playbooks to combat emerging threats, and war game the existing processes as part of tabletop activities.
It is possible to find more information on this service here:
https://www.fortinet.com/content/dam/fortinet/assets/solution-guides/sb-fortiguard-incident-readines...
