Toronto: +1 (416) 642-1170 Miami : +1 (305) 995-8222


If you are the victim of a cyber-attack involving extortion or demand for ransom contact us right away. Do not attempt to contact the criminals and negotiate on your own behalf as this may result in secondary extortion, non-delivery on promises, inability to make a payment due to complex payment logistics and/or compliance issues. You might also be breaking the law if you are paying to an individual or organization on the USA, Canada or other relevant country sanctions lists.

CYPFER can assist you in negotiations, payment facilitation, OFAC compliance reporting, and service restoration/remediation activities to minimize your financial impact resulting from both ransom demands and business interruption costs. 


While the true definition of Ransomware is malicious software used in specific attacks where the ultimate outcome is the encryption of files and data in a manner where the only way to decrypt such data is by the use of a specific and typically one-time use keys. These keys are controlled by the cyber-criminals who initiate such attacks against businessess, municipalities, critical infrastructure and individuals. 

Ransomware is also a category of classification of a number of attacks that are motivated by financial gain. These attacks include various tactics which are not limited to the following:

 These attacks may lead to the eventual outcome of data encryption and/or data theft (exfiltration). 

What is common in such attacks is the intent of the cyber-criminal (AKA Adversary) to monetize their criminal activity by holding your data as a "hostage". If payment is not realized these criminals may post the information on public forums, dark-web forums, auction sites or try and sell the information to competitors. 

In addition, 

Cyber-criminals aim to force victims to over-react and limit the amount of time you have to make sound business decisions. They may also engage in activities to increase the sense of urgency which might include:

During these events, most organizations are caught unprepared as the impact to digital assets can be significant. However, it is important to respond to such events in a calm and methodical approach to ensure the situation is contained and that the right level of expertise is applied at each layer. 

CYPFER expertise is available to support response activities and ensure that your team is augmented with practical knowledge and capabilities. Most importantly, this is not the time to shop via "Googling". Trust is critical during vulnerable events such as ransomware attacks. 

While of the incidents we support are reactive in nature, it is critical that organizations consider a proactive approach to such digital risks. Check our advisory page for more information on proactive services we offer including assessments and retainer offerings. These activities enable your management team, your business and yourself to have a trusted partner at your corner in case an attack materializes. 


Please, enter a valid value