Progent's Ransomware Settlement Negotiation Consulting in Barra da Tijuca
Progent has experience negotiating ransomware settlements with hackers. Reaching an acceptable settlement is a complex activity that requires a mix of field experience, IT knowledge and business acumen. It also demands close co-operation with the ransomware victim's IT staff and the cyber insurance provider, if any. Since the number one goal of the ransomware victim is fast recovery, it is vital to establish response teams that operate efficiently, concurrently, and with intimate collaboration. Progent offers the breadth of technical skills and the deep bench of experts to supplement your network support team and restore your network rapidly and affordably.
Support available from Progent's ransomware negotiation experts include:
Concurrent with the settlement negotiations, Progent's ransomware team can assist with:
- Determining the type of ransomware involved in the attack
- identifying and contacting the hacker persona
- Assessing the likelihood of recovery
- Testing the threat actor's decryption tool
- Deciding on an acceptable settlement with the victim and the cyber insurance carrier
- Establishing a settlement and schedule with the TA
- Checking accordance with anti-money laundering (AML) sanctions
- Overseeing the crypto-currency disbursement to the TA
- Receiving, learning, and operating the TA's decryption mechanism
- If needed, contacting the threat actor for assistance with the decryption utility
After the decryption utility has been learned, Progent can help you to recover machines and services to their original condition. Progent can also help you to conduct comprehensive forensics and create a report to deliver to the cyber insurance provider. This report helps you to understand cybersecurity gaps that need to be corrected and recommends steps to be taken to combat subsequent ransomware assaults.
- Quarantining affected endpoints and data stores to prevent further spread of the attack
- Creating digital copies of each infected server and endpoint and data store in order to perform forensics without interfering with recovery
- Installing A/V agents to all virus-free endpoints
- Salvaging data from air-gapped backups or uncompromised endpoints
- Building a clean environment
- Remapping and reconnecting drives to reflect precisely their pre-attack condition
Settling Exfiltration Ransoms
Beyond extorting money for a decryption tool, current variants of ransomware such as Ryuk, Maze, Netwalker, and Egregor often try to exfiltrate files. Hackers are then able to demand a separate settlement in exchange for not divulging this data or selling it. Unfortunately, there is no way to guarantee that stolen files have been completely deleted by the hacker. In fact, in numerous cases the TA has little say over where the information ends up. Settling an exfiltration ransom does not free you from the need for getting the advice of privacy attorneys, conducting an audit on which files were stolen, and sending the mandated notifications to affected entities. In general, paying an exfiltration ransom is a waste.
Progent has provided remote and on-premises network services throughout the United States for more than two decades and has been awarded Microsoft's Gold Partner certification in the Datacenter and Cloud Productivity competencies. Progent's team of SMEs includes consultants who have been awarded high-level certifications in foundation technologies including Cisco networking, VMware, and major distributions of Linux. Progent's cybersecurity consultants have earned internationally recognized certifications such as CISM, CISSP-ISSAP, and CRISC. (See certifications earned by Progent consultants). Progent also has top-tier support in financial management and ERP applications. This broad array of expertise gives Progent the ability to identify and integrate the undamaged parts of your network following a ransomware attack and reconstruct them quickly into a viable network. Progent has worked with top insurance providers including Chubb to assist organizations clean up after ransomware attacks.
Contact Progent about Crypto-Ransomware Settlement Negotiation Expertise in Barra da Tijuca
To get in touch with Progent about ransomware settlement negotiation services in Barra da Tijuca, call Progent at 800-462-8800 or go to Contact Progent.