Secure Email
For non-urgent communication or to send documentation:
contact@aurisecurity.comCritical First Steps
IMPORTANT: Take these immediate actions while waiting for our response team
DO NOT:
- Do NOT power down affected computers - this destroys valuable volatile memory evidence
- Do NOT delete or rename any files - this can destroy evidence, compromise investigation, and make file restoration impossible
- Do NOT attempt to "clean" or run anti-virus software - this can alter evidence and system state, potentially making file recovery impossible
- Do NOT restore from backups without professional guidance - this can overwrite evidence and potentially destroy any chance of recovering affected files
- Do NOT stop a running encryptor - interrupting the encryption process could leave files in an incomplete state, making restoration impossible
DO:
- Disconnect affected systems from the network immediately (unplug network cables/disable Wi-Fi)
- Document any unusual behavior, error messages, or system changes
- Take photos of any error messages or unusual screens
- Identify and isolate any other potentially affected systems
- Keep affected systems powered ON unless specifically instructed otherwise