Leaders in Incident Response

Solace Cyber, part of Solace Global, helps companies across the UK recover from ransomware attacks and data breaches. We represent International Loss Adjustors and cyber Insurance companies and cover more than 30,000 UK commercial businesses through our channels, delivering 100’s successful response recoveries and providing Digital Forensic Incident Response services, 24x7x365

Urgent Business Recovery

Solace Cyber will dispatch an incident response team, with vital equipment, same day. Quickly helping you understand the attacks’ nature, working with your teams to remediate your breach, and getting you back to business, fast.

Approved Standards

Solace Cyber is accredited as National Cyber Security Centre, Cyber Incident Response and are ISO accredited for 27001, 14001, 45001 and 9001.

Slide 2 Incident Response

Solace Cyber, part of Solace Global, helps companies across the UK recover from ransomware attacks and data breaches. We represent International Loss Adjustors and cyber Insurance companies and cover more than 30,000 UK commercial businesses through our channels, delivering 100’s successful response recoveries and providing Digital Forensic Incident Response services, 24x7x365

Urgent Business Recovery

Solace Cyber will dispatch an incident response team, with vital equipment, same day. Quickly helping you understand the attacks’ nature, working with your teams to remediate your breach, and getting you back to business, fast.

Approved Standards

Solace Cyber is accredited as National Cyber Security Centre, Cyber Incident Response and are ISO accredited for 27001, 14001, 45001 and 9001.

Experiencing Ransomware or Cyber Breach?

Response time is everything when you are under attack. If you have been breached or have an urgent matter, contact us immediately.

Choosing Solace Ransomware Recovery

During a ransomware attack, there are three key points you need for an effective and meaningful recovery:
  1. Quick response times – Solace Cybers’ security operation centre is manned 24 hours a day, meaning there are teams to respond to your call at all times.  Once engaged, we will send an incident response team with the necessary recovery equipment to your site, to start work the same day you call us. 

  2. Rapid systems recovery - We work with your teams for the decryption or recovery of your valuable business data, getting you back up and running quickly, reducing the impact of the attack. 

  3. Digital forensics – Our teams are equipped to handle environments appropriately, helping find answers with digital forensic analysis, providing experts to testify as needed and supporting requirements for evidence in whichever scenario it is required.

Our team are experts in their field, providing you with a recovery response that will analyse, contain and eradicate a cybersecurity threat quickly.

Our Process

The teams at Solace Ransomware are experts at resolving ransomware attacks and have developed a fast and efficient process to deal with any incident.
Step 1

Triage

Solace Cyber Incident Response despatches, same day, the nearest team. Onboarding initiation processes begin immediately, including stakeholder introduction and update call schedules, Incident Response Data Capture with creation, agreement, and deployment of initial Incident Response Action plans.

Step 2

Analyse

DFIR (Digital Forensic Incident Response) teams conduct full examination of the breach, identifying vulnerabilities, attack vectors, data loss, and system impacts, be this Ransomware, Business Email Compromise (BEC), Data Loss (PII/ICO) or DDoS. Solace completes thorough forensic investigations to understand attacker tactics that inform future mitigation strategies.

Step 3

Contain/Mitigate

Onsite & remote teams take immediate actions to limit damage and prevent the incident from spreading. This includes affected system isolation, elimination of malicious elements, and implementation of protective measures, including Solace proprietary technologies, to prevent further harm.

Step 4

Remediate/Eradicate

Solace’s Incident Response team eliminates the root cause of the incident and restores affected systems to a secure state. Focus is on vulnerability identification and repair, removal of malware and ensuring no remnants of the incident persist within the network.

Step 5

Recover

Incident Response teams deliver full restoration of affected systems and services to normal operation. Our engineers implement backups where possible, repair or replace compromised infrastructure, ensuring data is accessible and systems are fully functional.

Step 6

Post Incident

Solace completes a thorough examination of the Digital Forensic Incident Response and recovery efforts. Bringing risk mitigation, betterment action and a full offboarding process, Solace and client together assess the effectiveness of the actions taken, identifying areas of improvement, and reviewing the lessons learned.

Communication

Solace’s Digital Forensic and Incident Response teams maintain consistent communication throughout. Dedicated Incident Managers and technical engineering leads provide updates during the Cyber Incident Response journey, utilising risk registers and working within change management processes, all from Triage though to Post Incident delivering successful business recovery.

Solace Cybers’ support continues beyond the recovery process. Once your business is back up and running, we work with you to transform your cyber security through a threat-informed approach utilising our nine step approach Solace Global - Cyber 9 Step Process

Ransomware & Ransomware Groups

There are many different variants of ransomware in use today, and the list is always expanding. Each ransomware will work differently, so needs a bespoke solution. We can help you with all types and the following are some more commonly found variants.

  • 8base

  • Akira

  • akira

  • Alphv

  • arvinclub

  • Avaddon

  • bianlian

  • BlackBasta

  • BlackCat

  • BlackMatter

  • cactus

  • Cerber

  • ciphbit

  • Cl0p

  • cloak

  • CoinVault

  • Coverton

  • CryptoLocker

  • CryptoWall

  • CrySiS

  • CTB Locker

  • Dharma

  • DMA Locker

  • Eking (Phobos)

  • everest

  • GandCrab

  • GlobeImposter 2.0

  • HIVE

  • knight

  • LeChiffre

  • Lockbit3

  • Locky

  • losttrust

  • Makop

  • medusa

  • monti

  • noescape

  • Odin

  • Phobos

  • Play

  • qilin

  • QNPCrypt

  • Quantum

  • ragroup

  • Rakhni

  • Rannoh

  • rhysida

  • Ryuk

  • snatch

  • Sodinokibi / REvil

  • TeslaCrypt

  • trigona

  • WanaCryptor

  • WannaCry

  • Wildfire

Benefits of using Solace Ransomware Recovery

Aside from our quick response and recovery time, there are many other benefits of using our ransomware recovery service. 

  1. Experts and experience - Our teams are specialists in ransomware response and recovery and have helped hundreds of businesses with successful incident response recoveries. 

  2. Complimentary risk mitigation technologies and 24/7 Security Operation Centre (SOC) services - During the recovery process, Solace deploys proprietary protection technologies whilst monitoring and responding to all risks via our in-house 24-hr manned security operation centre, ensuring someone is available to deal with any situation, at all times. 

  3. Highly accredited  - Solace Ransomware Recovery is an approved partner for the NCSC and has several ISO accreditations. 

 If you are currently facing a digital security breach, call us now on 01202 308818.

Trusted Partners in Cybersecurity

At Solace Cyber, our commitment to protecting businesses from ransomware attacks and email-based cyber threats extends far beyond advanced cybersecurity measures. We work in close collaboration with key national authorities, including: 

  • Police: Through partnerships with law enforcement, we ensure that our response to cyber incidents aligns with national efforts to combat cybercrime. Our expertise in handling ransomware attacks and business email compromise (BEC) enables us to work effectively with police forces across the country to mitigate threats and assist in recovery. 
  • Regional Organised Crime Units (ROCUs): ROCUs play a pivotal role in addressing cybercrime, including business email compromise and ransomware attacks. As part of our integrated approach, Solace Cyber collaborates with these units to support investigations and help our clients receive timely intervention and guidance. This partnership ensures that businesses facing significant cyber threats have access to both preventive measures and immediate incident response. 
  • Action Fraud: As the UK’s national reporting centre for fraud and cybercrime, Action Fraud provides crucial support to businesses that have fallen victim to cyberattacks. Solace Cyber coordinates with Action Fraud to ensure that incidents are properly reported and handled, offering clients seamless access to government-backed resources and support during recovery. 

By working closely with these organisations, Solace Cyber delivers comprehensive support for businesses navigating the complex world of cybercrime. Our NCSC accreditation further reinforces our credibility and ability to provide top-tier cybersecurity solutions. 

Trusted Partners in Cybersecurity

Frequently asked questions

As each ransomware recovery process is different, the cost can vary.  For guidance on potential cost, call us on 01202 308818.

For the majority of our clients with cyber insurance, the policy covers both the expenses associated with our services and, if required, the ransom payment.  Please note, if you have cyber insurance or legal counsel, you can request for Solace Cyber to act as your preferred incident response team.

Each response will include the removal of the ransomware, negotiations with attackers and transferring payment if necessary, decryption and restoring of data, amending the vulnerability that led to the attack, and preparing all documentation for legal compliance and insurance claims. 

We have successfully helped recover data from hundreds of major security incidents.

  1. Make back-ups - A new, safe backup of your data can usually stop a ransomware assault from happening. If this is done, finding and encrypting backups will be difficult for many attackers. It is always a good idea for this backup to be physically cut off from the primary network, or "air-gapped." Having a solid security protocol and a frequent backup plan are also crucial. 

  2. Have a next-generation antivirus installed - A traditional signature-based antivirus programme is combined with strong exploit protection, ransomware prevention, and endpoint detection and response (EDR) in next-generation anti-virus software. Sentinel One, FireEye, and McAfee are a few antivirus programmes that have these characteristics. 

  3. Have a next-generation firewall installed - Next-generation firewalls, also known as Unified threat management (UTM) firewalls, increase security at all points of entry and departure for data exchange within your organisation. In addition to email filtering, gateway antivirus, intrusion detection, intrusion prevention, and many other capabilities, it integrates traditional network security. 

  4. Dedicated traffic monitoring - Where feasible, having someone dedicated to monitoring network traffic can also reduce the risk of a ransomware attack. This is because ransomware attackers will usually do a lot of surveillance on a network before attempting a hack, which will usually have tell-tale signs, allowing you to spot and implement a prevention strategy before they hack your data.

We have a team available 24 hours a day, meaning that we can get to your site as soon as possible to begin investigations and recovery.

Contact Us

Under Attack?

If you think you are under a ransomware attack, don’t hesitate to get in touch with us to start the recovery process.

Complete the form to request a complimentary consultation with our specialists and get a plan of action in place immediately.

If you need assistance right away, we would recommend calling us on 01202 308818.

GDPR
Request a callback

Solace Cyber, part of Solace Global, helps companies across the UK recover from ransomware attacks and data breaches.

Solace Cyber Limited is registered in England & Wales no. 14028838

Solace Cyber

Suite 6, Branksome Park House,
Branksome Business Park,
Bourne Valley Road,
Poole, BH12 1ED
United Kingdom

Telephone

Please note that calls may be recorded for security and training purposes.